RE: svn commit: r1354876 - /subversion/trunk/subversion/libsvn_subr/dirent_uri.c

Thu, 28 Jun 2012 03:06:18 -0700 


> -----Original Message-----
> From: s...@apache.org [mailto:s...@apache.org]
> Sent: donderdag 28 juni 2012 11:17
> To: comm...@subversion.apache.org
> Subject: svn commit: r1354876 -
> /subversion/trunk/subversion/libsvn_subr/dirent_uri.c
> 
> Author: stsp
> Date: Thu Jun 28 09:16:41 2012
> New Revision: 1354876
> 
> URL: http://svn.apache.org/viewvc?rev=1354876&view=rev
> Log:
> * subversion/libsvn_subr/dirent_uri.c
>   (svn_dirent_get_absolute): If the provided input is already absolute, just
>    return a copy of the input instead of asking APR to figure out the absolute
>    path. This should allow Subversion to run within a directory which has been
>    removed, as long the user passes absolute paths.
>    See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678845
> 
> Modified:
>     subversion/trunk/subversion/libsvn_subr/dirent_uri.c
> 
> Modified: subversion/trunk/subversion/libsvn_subr/dirent_uri.c
> URL:
> http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/dir
> ent_uri.c?rev=1354876&r1=1354875&r2=1354876&view=diff
> ==========================================================
> ====================
> --- subversion/trunk/subversion/libsvn_subr/dirent_uri.c (original)
> +++ subversion/trunk/subversion/libsvn_subr/dirent_uri.c Thu Jun 28
> 09:16:41 2012
> @@ -1554,6 +1554,13 @@ svn_dirent_get_absolute(const char **pab
> 
>    SVN_ERR_ASSERT(! svn_path_is_url(relative));
> 
> +  /* If the input is already absolute, just copy it to the result pool. */
> +  if (svn_dirent_is_absolute(relative))
> +    {
> +      *pabsolute = apr_pstrdup(pool, relative);
> +      return SVN_NO_ERROR;
> +    }

svn_dirent_is_absolute("/my/subdir/with/../../..") returns TRUE, so this patch 
breaks all scenarios that assume that making the path absolute makes it 
canonical. (Which we do *everywhere* in libsvn_wc)

For unix every path that starts with a "/" would return TRUE.

This check would be safe if the svn_dirent_is_absolute() function would also 
check that the part after the root (which might be something like "A:/" on 
Windows) was a valid relpath, but that would make it much more expensive for 
the cases where it is used now.

        Bert

Reply via email to