Author: hartmannathan Date: Tue May 21 18:59:53 2024 New Revision: 1917864 URL: http://svn.apache.org/viewvc?rev=1917864&view=rev Log: Fix cmdline parsing bug: check the change argument for a double minus.
If the changeno is negative and is_negative is TRUE, raise SVN_ERR_CL_ARG_PARSING_ERROR, because string with a double minus is not a valid number. Do the same if the changeno_end is negative. * subversion/svn/svn.c (sub_main): If the changeno is negative and is_negative is TRUE, raise SVN_ERR_CL_ARG_PARSING_ERROR. Do the same if the changeno_end is negative. * subversion/tests/cmdline/diff_tests.py (diff_invalid_change_arg): New test. (test_list): Run new test. See the dev@ mail list thread started 19 May 2024: "[PATCH] Check the change argument for a double minus at the start." archived here and elsewhere: https://lists.apache.org/thread/tbld0locs0t3pq1hxzh2q1hqvx85l6gp Patch by: Timofey Zhakov (tima {at} chemodax _dot_ net) Review by: hartmannathan jun66j5 Modified: subversion/trunk/subversion/svn/svn.c subversion/trunk/subversion/tests/cmdline/diff_tests.py Modified: subversion/trunk/subversion/svn/svn.c URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svn/svn.c?rev=1917864&r1=1917863&r2=1917864&view=diff ============================================================================== --- subversion/trunk/subversion/svn/svn.c (original) +++ subversion/trunk/subversion/svn/svn.c Tue May 21 18:59:53 2024 @@ -2377,6 +2377,15 @@ sub_main(int *exit_code, int argc, const while (*s == 'r') s++; changeno_end = strtol(s, &end, 10); + + if (changeno_end < 0) + { + return svn_error_createf( + SVN_ERR_CL_ARG_PARSING_ERROR, NULL, + _("Negative number in range (%s)" + " not supported with -c"), + change_str); + } } if (end == change_str || *end != '\0') { @@ -2391,6 +2400,14 @@ sub_main(int *exit_code, int argc, const _("There is no change 0")); } + /* The revision number cannot contain a double minus */ + if (changeno < 0 && is_negative) + { + return svn_error_createf(SVN_ERR_CL_ARG_PARSING_ERROR, NULL, + _("Non-numeric change argument " + "(%s) given to -c"), change_str); + } + if (is_negative) changeno = -changeno; Modified: subversion/trunk/subversion/tests/cmdline/diff_tests.py URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/diff_tests.py?rev=1917864&r1=1917863&r2=1917864&view=diff ============================================================================== --- subversion/trunk/subversion/tests/cmdline/diff_tests.py (original) +++ subversion/trunk/subversion/tests/cmdline/diff_tests.py Tue May 21 18:59:53 2024 @@ -5329,6 +5329,36 @@ def diff_nonexistent_in_wc(sbox): svntest.actions.run_and_verify_svn(expected_output_head_base, [], 'diff', '-r', '1') +def diff_invalid_change_arg(sbox): + "invalid change argument" + + sbox.build() + + svntest.actions.run_and_verify_svn( + None, + (r'.*svn: E205000: Non-numeric change argument \(--1\) given to -c'), + 'diff', sbox.wc_dir, '-c', '--1') + + svntest.actions.run_and_verify_svn( + None, + (r'.*svn: E205000: Non-numeric change argument \(-r-1\) given to -c'), + 'diff', sbox.wc_dir, '-c', '-r-1') + + svntest.actions.run_and_verify_svn( + None, + (r'.*svn: E205000: Negative number in range \(1--3\) not supported with -c'), + 'diff', sbox.wc_dir, '-c', '1--3') + + # 'r' is not a number + svntest.actions.run_and_verify_svn( + None, + (r'.*svn: E205000: Non-numeric change argument \(r1--r3\) given to -c'), + 'diff', sbox.wc_dir, '-c', 'r1--r3') + + svntest.actions.run_and_verify_svn( + None, + (r'.*svn: E205000: Negative number in range \(r1-r-3\) not supported with -c'), + 'diff', sbox.wc_dir, '-c', 'r1-r-3') ######################################################################## #Run the tests @@ -5431,6 +5461,7 @@ test_list = [ None, diff_file_replaced_by_symlink, diff_git_format_copy, diff_nonexistent_in_wc, + diff_invalid_change_arg, ] if __name__ == '__main__':
