Daniel Shahaf wrote on Thu, May 11, 2017 at 05:20:53 +0000:
> Johan Corveleyn wrote on Thu, May 11, 2017 at 01:34:18 +0200:
> > Maybe something like this?
> > "Subversion repositories can be broken, becoming partly inaccessible,
> > by committing two files which have different content, yet produce the
> > same SHA1 checksum. There is no data loss, but parts of the repository
> > can no longer be checked out or committed into."
> Well, there _is_ data loss, so:
> Subversion fails to store a file that has the same sha1 as another
> file in the repository. Attempts to retrieve the first file would
> fail with a checksum error (from the md5 checksum that we also use),
> however, if the two files had not only equal sha1's but also equal md5's,
> then the wrong content would silently be returned.
> Plus a blurb about how that's not going to ever happen by accident.
Oops, that was a suggested Details section, but we're talking about the
Summary section. Pretend I suggested:
Subversion repositories, in the default configuration, fail to store
a file that has the same SHA-1 checksum as another file.
Received on 2017-05-11 07:49:26 CEST