Posted to commits@subversion.apache.org by iv...@apache.org on 2013/11/13 10:21:05 UTC
svn commit: r1541432 -
/subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
Author: ivan
Date: Wed Nov 13 09:21:05 2013
New Revision: 1541432
URL: http://svn.apache.org/r1541432
Log:
Fix potential crash in mod_authz_svn during startup if
path specified by AuthzSVNAccessFile, AuthzSVNReposRelativeAccessFile, or
AuthzSVNGroupsFile directives is not accessible.
* subversion/mod_authz_svn/mod_authz_svn.c
(canonicalize_access_file): Check return value of
ap_server_root_relative() call and return NULL on error.
(AuthzSVNAccessFile_cmd, AuthzSVNReposRelativeAccessFile_cmd,
AuthzSVNGroupsFile_cmd): Check return value of canonicalize_access_file()
call.
Modified:
subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
Modified: subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c?rev=1541432&r1=1541431&r2=1541432&view=diff
==============================================================================
--- subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c (original)
+++ subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c Wed Nov 13 09:21:05 2013
@@ -91,7 +91,8 @@ create_authz_svn_dir_config(apr_pool_t *
/* canonicalize ACCESS_FILE based on the type of argument.
* If SERVER_RELATIVE is true, ACCESS_FILE is a relative
* path then ACCESS_FILE is converted to an absolute
- * path rooted at the server root. */
+ * path rooted at the server root.
+ * Returns NULL if path is not valid.*/
static const char *
canonicalize_access_file(const char *access_file,
svn_boolean_t server_relative,
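Review bot: The new comment line `Returns NULL if path is not valid.*/` promises more than the code in the next hunk delivers. The only `return NULL` added there sits inside `if (server_relative)`, after `ap_server_root_relative()` fails, so inputs that take the other branches are, as far as the visible lines show, never rejected. I would word it as `* Returns NULL if SERVER_RELATIVE is true and ACCESS_FILE cannot be resolved against the server root. */`, which also restores the space before `*/`. The function body continues outside this hunk, so any other NULL path would not be visible here.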
@@ -104,7 +105,11 @@ canonicalize_access_file(const char *acc
else if (!svn_path_is_repos_relative_url(access_file))
{
if (server_relative)
- access_file = ap_server_root_relative(pool, access_file);
+ {
+ access_file = ap_server_root_relative(pool, access_file);
+ if (access_file == NULL)
+ return NULL;
+ }
access_file = svn_dirent_internal_style(access_file, pool);
}
@@ -126,6 +131,8 @@ AuthzSVNAccessFile_cmd(cmd_parms *cmd, v
"directives are mutually exclusive.";
conf->access_file = canonicalize_access_file(arg1, TRUE, cmd->pool);
+ if (!conf->access_file)
+ return apr_pstrcat(cmd->pool, "Invalid file path ", arg1, NULL);
return NULL;
}
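Review bot: The error string built at `return apr_pstrcat(cmd->pool, "Invalid file path ", arg1, NULL);` does not name the directive and leaves the path unquoted, so a trailing space or an empty argument is hard to spot in the startup error. The same line is repeated in AuthzSVNReposRelativeAccessFile_cmd and AuthzSVNGroupsFile_cmd. I would use `return apr_pstrcat(cmd->pool, cmd->cmd->name, ": invalid file path '", arg1, "'", NULL);` in all three handlers. The handler starts outside this hunk.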
@@ -145,6 +152,9 @@ AuthzSVNReposRelativeAccessFile_cmd(cmd_
conf->repo_relative_access_file = canonicalize_access_file(arg1, FALSE,
cmd->pool);
+ if (!conf->repo_relative_access_file)
+ return apr_pstrcat(cmd->pool, "Invalid file path ", arg1, NULL);
+
return NULL;
}
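Review bot: The check on `conf->repo_relative_access_file` looks unreachable as the code stands, because this handler passes FALSE for server_relative and the only `return NULL` visible in canonicalize_access_file() is inside `if (server_relative)`. Keeping it is reasonable for an authorization setting, since the directive would then be rejected rather than accepted with a NULL path if the helper later gains other failure modes. That intent should be stated in a comment: `/* Cannot fail today (server_relative is FALSE); checked so a future NULL return rejects the directive. */`. This assumes svn_dirent_internal_style() and the URL branch never return NULL, which the hunks do not show.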
@@ -155,6 +165,9 @@ AuthzSVNGroupsFile_cmd(cmd_parms *cmd, v
conf->groups_file = canonicalize_access_file(arg1, TRUE, cmd->pool);
+ if (!conf->groups_file)
+ return apr_pstrcat(cmd->pool, "Invalid file path ", arg1, NULL);
+
return NULL;
}