subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From danie...@apache.org
Subject svn commit: r1166111 - in /subversion/trunk/subversion: libsvn_repos/authz.c tests/libsvn_repos/repos-test.c
Date Wed, 07 Sep 2011 11:00:27 GMT
Author: danielsh
Date: Wed Sep  7 11:00:27 2011
New Revision: 1166111

URL: http://svn.apache.org/viewvc?rev=1166111&view=rev
Log:
Path-based authz: error out on non-canonical fspaths in the input.  (We
already canonicalize fspaths passed to the API for access testing.)

This is an incompatible change: some previously-accepted authz files
will now cause visible errors.  However, before this change the semantics
of such authz files might have been different from what a casual gloss
over them would have suggested.

Found by: Malte Schirmacher
(thana on IRC)

* subversion/libsvn_repos/authz.c
  (authz_validate_section): Validate the fspath part of the section name.

* subversion/tests/libsvn_repos/repos-test.c
  (authz): Add a basic regression test for this.

Modified:
    subversion/trunk/subversion/libsvn_repos/authz.c
    subversion/trunk/subversion/tests/libsvn_repos/repos-test.c

Modified: subversion/trunk/subversion/libsvn_repos/authz.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_repos/authz.c?rev=1166111&r1=1166110&r2=1166111&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_repos/authz.c (original)
+++ subversion/trunk/subversion/libsvn_repos/authz.c Wed Sep  7 11:00:27 2011
@@ -723,8 +723,25 @@ static svn_boolean_t authz_validate_sect
     svn_config_enumerate2(b->config, name, authz_validate_alias,
                           baton, pool);
   else
-    svn_config_enumerate2(b->config, name, authz_validate_rule,
-                          baton, pool);
+    {
+      /* Validate the section's name. Skip the optional REPOS_NAME. */
+      const char *fspath = strchr(name, ':');
+      if (fspath)
+        fspath++;
+      else
+        fspath = name;
+      if (! svn_fspath__is_canonical(fspath))
+        {
+          b->err = svn_error_createf(SVN_ERR_AUTHZ_INVALID_CONFIG, NULL,
+                                     "Section name '%s' contains non-canonical "
+                                     "fspath '%s'",
+                                     name, fspath);
+          return FALSE;
+        }
+
+      svn_config_enumerate2(b->config, name, authz_validate_rule,
+                            baton, pool);
+    }
 
   if (b->err)
     return FALSE;

Modified: subversion/trunk/subversion/tests/libsvn_repos/repos-test.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/libsvn_repos/repos-test.c?rev=1166111&r1=1166110&r2=1166111&view=diff
==============================================================================
--- subversion/trunk/subversion/tests/libsvn_repos/repos-test.c (original)
+++ subversion/trunk/subversion/tests/libsvn_repos/repos-test.c Wed Sep  7 11:00:27 2011
@@ -1314,6 +1314,14 @@ authz(apr_pool_t *pool)
                             "Regression: incomplete ancestry test "
                             "for recursive access lookup.");
 
+  /* The authz rules for the phase 4 tests */
+  contents =
+    "[greek:/dir2//secret]"                                                  NL
+    "* ="                                                                    NL;
+  err = authz_get_handle(&authz_cfg, contents, subpool);
+  SVN_TEST_ASSERT_ERROR(err, SVN_ERR_AUTHZ_INVALID_CONFIG);
+  svn_error_clear(err);
+
   /* That's a wrap! */
   svn_pool_destroy(subpool);
   return SVN_NO_ERROR;



Mime
View raw message