Author: svn-role Date: Fri Sep 28 04:02:10 2012 New Revision: 1391295 URL: http://svn.apache.org/viewvc?rev=1391295&view=rev Log: Merge r1387943 from trunk:
* r1387943 Fix unbounded memory use with SVNPathAuthz short_circuit. Justification: Server process may abort if memory exhausted. Votes: +1: philip, ivan, cmpilato Modified: subversion/branches/1.7.x/ (props changed) subversion/branches/1.7.x/STATUS subversion/branches/1.7.x/subversion/mod_authz_svn/mod_authz_svn.c Propchange: subversion/branches/1.7.x/ ------------------------------------------------------------------------------ Merged /subversion/trunk:r1387943 Modified: subversion/branches/1.7.x/STATUS URL: http://svn.apache.org/viewvc/subversion/branches/1.7.x/STATUS?rev=1391295&r1=1391294&r2=1391295&view=diff ============================================================================== --- subversion/branches/1.7.x/STATUS (original) +++ subversion/branches/1.7.x/STATUS Fri Sep 28 04:02:10 2012 @@ -199,10 +199,3 @@ Veto-blocked changes: Approved changes: ================= - * r1387943 - Fix unbounded memory use with SVNPathAuthz short_circuit. - Justification: - Server process may abort if memory exhausted. - Votes: - +1: philip, ivan, cmpilato - Modified: subversion/branches/1.7.x/subversion/mod_authz_svn/mod_authz_svn.c URL: http://svn.apache.org/viewvc/subversion/branches/1.7.x/subversion/mod_authz_svn/mod_authz_svn.c?rev=1391295&r1=1391294&r2=1391295&view=diff ============================================================================== --- subversion/branches/1.7.x/subversion/mod_authz_svn/mod_authz_svn.c (original) +++ subversion/branches/1.7.x/subversion/mod_authz_svn/mod_authz_svn.c Fri Sep 28 04:02:10 2012 @@ -44,6 +44,7 @@ #include "svn_config.h" #include "svn_string.h" #include "svn_repos.h" +#include "svn_pools.h" #include "svn_dirent_uri.h" #include "private/svn_fspath.h" 
@@ -163,7 +164,8 @@ static const command_rec authz_svn_cmds[ * Get the, possibly cached, svn_authz_t for this request. */ static svn_authz_t * -get_access_conf(request_rec *r, authz_svn_config_rec *conf) +get_access_conf(request_rec *r, authz_svn_config_rec *conf, + apr_pool_t *scratch_pool) { const char *cache_key = NULL; const char *access_file; @@ -181,7 +183,7 @@ get_access_conf(request_rec *r, authz_sv ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "%s", dav_err->desc); return NULL; } - access_file = svn_dirent_join_many(r->pool, repos_path, "conf", + access_file = svn_dirent_join_many(scratch_pool, repos_path, "conf", conf->repo_relative_access_file, NULL); } @@ -193,7 +195,7 @@ get_access_conf(request_rec *r, authz_sv ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "Path to authz file is %s", access_file); - cache_key = apr_pstrcat(r->pool, "mod_authz_svn:", + cache_key = apr_pstrcat(scratch_pool, "mod_authz_svn:", access_file, (char *)NULL); apr_pool_userdata_get(&user_data, cache_key, r->connection->pool); access_conf = user_data; @@ -242,12 +244,13 @@ convert_case(char *text, svn_boolean_t t /* Return the username to authorize, with case-conversion performed if CONF->force_username_case is set. */ static char * -get_username_to_authorize(request_rec *r, authz_svn_config_rec *conf) +get_username_to_authorize(request_rec *r, authz_svn_config_rec *conf, + apr_pool_t *pool) { char *username_to_authorize = r->user; if (username_to_authorize && conf->force_username_case) { - username_to_authorize = apr_pstrdup(r->pool, r->user); + username_to_authorize = apr_pstrdup(pool, r->user); convert_case(username_to_authorize, strcasecmp(conf->force_username_case, "upper") == 0); } 
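Review bot: In the `@@ -193,7` hunk of get_access_conf, `cache_key` is now built in `scratch_pool`, while the cache it indexes lives in `r->connection->pool` and outlives the scratch pool that subreq_bypass destroys on return. The lookup through `apr_pool_userdata_get` is safe, but the store on a cache miss is outside this hunk. It has to use `apr_pool_userdata_set`, which duplicates the key into the target pool, and not `apr_pool_userdata_setn`, which keeps the caller's pointer and would leave the connection-pool hash referring to freed memory. A comment at the store, for example `/* cache_key lives in scratch_pool; apr_pool_userdata_set() copies it */`, would record that dependency.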
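Review bot: The comment above get_username_to_authorize in the `@@ -242,12` hunk does not say where the result lives, and after this change that differs by branch: it is `r->user` itself when no case conversion is configured, and a copy in `pool` otherwise. Since subreq_bypass2 passes its scratch pool here, a caller that kept the pointer past that pool's destruction would read freed memory only when force_username_case is set, which is easy to miss in testing. I would extend the comment to `/* Return the username to authorize, with case-conversion performed if CONF->force_username_case is set; the converted copy is allocated in POOL and valid only for POOL's lifetime. */`. The end of the function is outside the hunk.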
@@ -282,7 +285,8 @@ req_check_access(request_rec *r, svn_authz_t *access_conf = NULL; svn_error_t *svn_err; char errbuf[256]; - const char *username_to_authorize = get_username_to_authorize(r, conf); + const char *username_to_authorize = get_username_to_authorize(r, conf, + r->pool); switch (r->method_number) { @@ -418,7 +422,7 @@ req_check_access(request_rec *r, } /* Retrieve/cache authorization file */ - access_conf = get_access_conf(r,conf); + access_conf = get_access_conf(r,conf, r->pool); if (access_conf == NULL) return DECLINED; @@ -576,14 +580,13 @@ log_access_verdict(LOG_ARGS_SIGNATURE, } /* - * This function is used as a provider to allow mod_dav_svn to bypass the - * generation of an apache request when checking GET access from - * "mod_dav_svn/authz.c" . + * Implementation of subreq_bypass with scratch_pool parameter. */ static int -subreq_bypass(request_rec *r, - const char *repos_path, - const char *repos_name) +subreq_bypass2(request_rec *r, + const char *repos_path, + const char *repos_name, + apr_pool_t *scratch_pool) { svn_error_t *svn_err = NULL; svn_authz_t *access_conf = NULL; @@ -594,7 +597,7 @@ subreq_bypass(request_rec *r, conf = ap_get_module_config(r->per_dir_config, &authz_svn_module); - username_to_authorize = get_username_to_authorize(r, conf); + username_to_authorize = get_username_to_authorize(r, conf, scratch_pool); /* If configured properly, this should never be true, but just in case. */ if (!conf->anonymous @@ -605,7 +608,7 @@ subreq_bypass(request_rec *r, } /* Retrieve authorization file */ - access_conf = get_access_conf(r, conf); + access_conf = get_access_conf(r, conf, scratch_pool); if (access_conf == NULL) return HTTP_FORBIDDEN; @@ -619,7 +622,7 @@ subreq_bypass(request_rec *r, username_to_authorize, svn_authz_none|svn_authz_read, &authz_access_granted, - r->pool); + scratch_pool); if (svn_err) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 
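Review bot: The new header comment on subreq_bypass2 in the `@@ -576,14` hunk (`Implementation of subreq_bypass with scratch_pool parameter.`) does not state the contract of `scratch_pool`. The following hunks move the username copy, get_access_conf's temporaries and the pool argument of the access check onto it, so nothing allocated there may be stored on `r` or returned to the caller. I would write `/* Implementation of subreq_bypass. Temporary allocations are made in SCRATCH_POOL, which the caller may destroy on return; nothing allocated from it may be stored in R or returned. */`. The body between the hunks is not visible here, so any allocation there that still uses `r->pool` would keep accumulating per call and is worth a check.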
@@ -649,6 +652,26 @@ subreq_bypass(request_rec *r, } /* + * This function is used as a provider to allow mod_dav_svn to bypass the + * generation of an apache request when checking GET access from + * "mod_dav_svn/authz.c" . + */ +static int +subreq_bypass(request_rec *r, + const char *repos_path, + const char *repos_name) +{ + int status; + apr_pool_t *scratch_pool; + + scratch_pool = svn_pool_create(r->pool); + status = subreq_bypass2(r, repos_path, repos_name, scratch_pool); + svn_pool_destroy(scratch_pool); + + return status; +} + +/* * Hooks */
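Review bot: The new subreq_bypass wrapper now carries the whole memory bound, yet nothing in it says why the subpool exists. The commit log ties the fix to SVNPathAuthz short_circuit, where this provider is presumably called many times within one request, so a later cleanup that passes `r->pool` straight to subreq_bypass2 would silently bring back the unbounded growth. A line above `svn_pool_create`, such as `/* Per-call subpool: this provider may run many times per request, so allocating in r->pool would grow without bound. */`, would keep that intent visible.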