subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s...@apache.org
Subject svn commit: r1825736 - /subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
Date Fri, 02 Mar 2018 18:30:56 GMT
Author: stsp
Date: Fri Mar  2 18:30:56 2018
New Revision: 1825736

URL: http://svn.apache.org/viewvc?rev=1825736&view=rev
Log:
Fix a memory usage problem in mod_authz_svn.

The authz config was being repeatadly re-read into the per-connection pool
which could drive the server out of memory.

* subversion/mod_authz_svn/mod_authz_svn.c
  (get_access_conf): Accept a result pool to store authz config in,
   instead of storing the config in the global connection pool.
  (req_check_access, subreq_bypass2): Give a per-request scratch pool
   to get_access_conf() as result pool.

Found by: kotkov
Tested by: philip

Modified:
    subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c

Modified: subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c?rev=1825736&r1=1825735&r2=1825736&view=diff
==============================================================================
--- subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c (original)
+++ subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c Fri Mar  2 18:30:56 2018
@@ -395,10 +395,11 @@ resolve_repos_relative_url(const char **
 }
 
 /*
- * Get the, possibly cached, svn_authz_t for this request.
+ * Get the svn_authz_t for this request.
  */
 static svn_authz_t *
 get_access_conf(request_rec *r, authz_svn_config_rec *conf,
+                apr_pool_t *result_pool,
                 apr_pool_t *scratch_pool)
 {
   const char *access_file;
@@ -467,7 +468,7 @@ get_access_conf(request_rec *r, authz_sv
   svn_err = svn_repos_authz_read3(&access_conf,
                                   access_file, groups_file,
                                   TRUE, NULL,
-                                  r->connection->pool, scratch_pool);
+                                  result_pool, scratch_pool);
 
   if (svn_err)
     {
@@ -687,7 +688,7 @@ req_check_access(request_rec *r,
     }
 
   /* Retrieve/cache authorization file */
-  access_conf = get_access_conf(r,conf, r->pool);
+  access_conf = get_access_conf(r,conf, r->pool, r->pool);
   if (access_conf == NULL)
     return DECLINED;
 
@@ -804,7 +805,7 @@ subreq_bypass2(request_rec *r,
     }
 
   /* Retrieve authorization file */
-  access_conf = get_access_conf(r, conf, scratch_pool);
+  access_conf = get_access_conf(r, conf, scratch_pool, scratch_pool);
   if (access_conf == NULL)
     return HTTP_FORBIDDEN;
 



Mime
View raw message