Return-Path: 
 <commits-return-37664-apmail-subversion-commits-archive=subversion.apache.org@subversion.apache.org>
X-Original-To: apmail-subversion-commits-archive@minotaur.apache.org
Delivered-To: apmail-subversion-commits-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 173C517FDF
	for <apmail-subversion-commits-archive@minotaur.apache.org>;
 Tue, 30 Sep 2014 10:52:16 +0000 (UTC)
Received: (qmail 98286 invoked by uid 500); 30 Sep 2014 10:52:15 -0000
Delivered-To: apmail-subversion-commits-archive@subversion.apache.org
Received: (qmail 98251 invoked by uid 500); 30 Sep 2014 10:52:15 -0000
Mailing-List: contact commits-help@subversion.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@subversion.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@subversion.apache.org>
List-Post: <mailto:commits@subversion.apache.org>
List-Id: <commits.subversion.apache.org>
Reply-To: dev@subversion.apache.org
Delivered-To: mailing list commits@subversion.apache.org
Received: (qmail 98241 invoked by uid 99); 30 Sep 2014 10:52:15 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Sep 2014 10:52:15 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Sep 2014 10:51:53 +0000
Received: from eris.apache.org (localhost [127.0.0.1])
	by eris.apache.org (Postfix) with ESMTP id B54A123889BB;
	Tue, 30 Sep 2014 10:51:51 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1628392 -
 /subversion/trunk/subversion/libsvn_fs_fs/fs_fs.c
Date: Tue, 30 Sep 2014 10:51:51 -0000
To: commits@subversion.apache.org
From: stefan2@apache.org
X-Mailer: svnmailer-1.0.9
Message-Id: <20140930105151.B54A123889BB@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: stefan2
Date: Tue Sep 30 10:51:51 2014
New Revision: 1628392

URL: http://svn.apache.org/r1628392
Log:
Some of our FSFS config settings will cause malfunction if invalid
values were given.  Thus, sanitize them before using them.

* subversion/libsvn_fs_fs/fs_fs.c
  (sanitize_block_size): New function to verify config data.
  (read_config): Use the new function to guarantee valid settings
                 in our FS struct.

Modified:
    subversion/trunk/subversion/libsvn_fs_fs/fs_fs.c

Modified: subversion/trunk/subversion/libsvn_fs_fs/fs_fs.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_fs_fs/fs_fs.c?rev=1628392&r1=1628391&r2=1628392&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_fs_fs/fs_fs.c (original)
+++ subversion/trunk/subversion/libsvn_fs_fs/fs_fs.c Tue Sep 30 10:51:51 2014
@@ -644,6 +644,41 @@ svn_fs_fs__fs_supports_mergeinfo(svn_fs_
   return ffd->format >= SVN_FS_FS__MIN_MERGEINFO_FORMAT;
 }
 
+/* Check that BLOCK_SIZE is a valid block / page size, i.e. it is within
+ * the range of what the current system may address in RAM and it is a
+ * power of 2.  Assume that the element size within the block is ITEM_SIZE.
+ */
+static svn_error_t *
+verify_block_size(apr_int64_t block_size,
+                  apr_size_t item_size,
+                  const char *name)
+{
+  /* Limit range. */
+  if (block_size <= 0)
+    return svn_error_createf(SVN_ERR_BAD_CONFIG_VALUE, NULL,
+                             _("%" APR_INT64_T_FMT " is too small for "
+                               "fsfs.conf setting '%s'."),
+                             block_size, name);
+
+  if (block_size > SVN_MAX_OBJECT_SIZE / item_size)
+    return svn_error_createf(SVN_ERR_BAD_CONFIG_VALUE, NULL,
+                             _("%" APR_INT64_T_FMT " is too large for "
+                               "fsfs.conf setting '%s'."),
+                             block_size, name);
+
+  /* Ensure it is a power of two.
+   * For positive X,  X & (X-1) will reset the lowest bit set.
+   * If the result is 0, at most one bit has been set. */
+  if (0 != (block_size & (block_size - 1)))
+    return svn_error_createf(SVN_ERR_BAD_CONFIG_VALUE, NULL,
+                             _("%" APR_INT64_T_FMT " is invalid for "
+                               "fsfs.conf setting '%s' because it is "
+                               "not a power of 2."),
+                             block_size, name);
+
+  return SVN_NO_ERROR;
+}
+
 /* Read the configuration information of the file system at FS_PATH
  * and set the respective values in FFD.  Use pools as usual.
  */
@@ -743,6 +778,16 @@ read_config(fs_fs_data_t *ffd,
                                    CONFIG_OPTION_P2L_PAGE_SIZE,
                                    0x400));
 
+      /* Don't accept unreasonable or illegal values.
+       * Block size and P2L page size are in kbytes;
+       * L2P blocks are arrays of apr_off_t. */
+      SVN_ERR(verify_block_size(ffd->block_size, 0x400,
+                                CONFIG_OPTION_BLOCK_SIZE));
+      SVN_ERR(verify_block_size(ffd->p2l_page_size, 0x400,
+                                CONFIG_OPTION_P2L_PAGE_SIZE));
+      SVN_ERR(verify_block_size(ffd->l2p_page_size, sizeof(apr_off_t),
+                                CONFIG_OPTION_L2P_PAGE_SIZE));
+
       /* convert kBytes to bytes */
       ffd->block_size *= 0x400;
       ffd->p2l_page_size *= 0x400;