You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Clark Rawlins <cl...@bit63.org> on 2002/09/27 13:37:21 UTC
[PATCH] fix for unescaped etag in mod dav checkout.
This small patch fixes a problem where etags sometimes can contain
unescaped & characters.
To reproduce:
svnadmin create test
{configure apache to use test as a repos}
svn co http://localhost/svn/test
cd test
touch test\&test
svn add test\&test
svn commit -m "Add file with an ampersand in the name."
cd ..
rm -rf test
svn co http://localhost/svn/test
XML parse error here!
This five line patch fixes the problem.
Index: repos.c
===================================================================
--- repos.c
+++ repos.c 2002-09-26 22:27:44.000000000 -0500
@@ -1597,6 +1597,7 @@
{
svn_error_t *serr;
svn_revnum_t created_rev;
+ const char *quoted_path;
/* if the resource doesn't exist, isn't a simple REGULAR or VERSION
resource, or it is a Baseline, then it has no etag. */
@@ -1616,9 +1617,12 @@
/* ### what to do? */
return "";
}
+
+ quoted_path = apr_xml_quote_string(resource->pool,
+ resource->info->repos_path, 1);
return apr_psprintf(resource->pool, "\"%" SVN_REVNUM_T_FMT "/%s\"",
- created_rev, resource->info->repos_path);
+ created_rev, quoted_path);
}
static dav_error * dav_svn_set_headers(request_rec *r,
--
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
Re: [PATCH] fix for unescaped etag in mod dav checkout.
Posted by Karl Fogel <kf...@newton.ch.collab.net>.
Philip Martin <ph...@codematters.co.uk> writes:
> > Is this patch from Clark Rawlins still applicable, or has the problem
> > been solved a different way? I have a feeling this got solved
> > already, but I'm not positive and wasn't sure from the logs.
>
> Solved. Rev 3329.
Beautiful, thanks for the quick reply.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: [PATCH] fix for unescaped etag in mod dav checkout.
Posted by Philip Martin <ph...@codematters.co.uk>.
Karl Fogel <kf...@newton.ch.collab.net> writes:
> Is this patch from Clark Rawlins still applicable, or has the problem
> been solved a different way? I have a feeling this got solved
> already, but I'm not positive and wasn't sure from the logs.
Solved. Rev 3329.
--
Philip Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: [PATCH] fix for unescaped etag in mod dav checkout.
Posted by Karl Fogel <kf...@newton.ch.collab.net>.
Is this patch from Clark Rawlins still applicable, or has the problem
been solved a different way? I have a feeling this got solved
already, but I'm not positive and wasn't sure from the logs.
His original message is quoted below, and also here's the same
message's URL in the archives, in case anyone wants to follow the
whole thread there (Philip followed up, for one):
http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=22345
Thanks,
-Karl
Clark Rawlins <cl...@bit63.org> writes:
> This small patch fixes a problem where etags sometimes can contain
> unescaped & characters.
>
> To reproduce:
> svnadmin create test
> {configure apache to use test as a repos}
> svn co http://localhost/svn/test
> cd test
> touch test\&test
> svn add test\&test
> svn commit -m "Add file with an ampersand in the name."
> cd ..
> rm -rf test
> svn co http://localhost/svn/test
> XML parse error here!
>
> This five line patch fixes the problem.
>
>
> Index: repos.c
> ===================================================================
> --- repos.c
> +++ repos.c 2002-09-26 22:27:44.000000000 -0500
> @@ -1597,6 +1597,7 @@
> {
> svn_error_t *serr;
> svn_revnum_t created_rev;
> + const char *quoted_path;
>
> /* if the resource doesn't exist, isn't a simple REGULAR or VERSION
> resource, or it is a Baseline, then it has no etag. */
> @@ -1616,9 +1617,12 @@
> /* ### what to do? */
> return "";
> }
> +
> + quoted_path = apr_xml_quote_string(resource->pool,
> + resource->info->repos_path, 1);
>
> return apr_psprintf(resource->pool, "\"%" SVN_REVNUM_T_FMT "/%s\"",
> - created_rev, resource->info->repos_path);
> + created_rev, quoted_path);
> }
>
> static dav_error * dav_svn_set_headers(request_rec *r,
> --
> "They that can give up essential liberty to obtain a little temporary safety
> deserve neither liberty nor safety."
> - Benjamin Franklin, Historical Review of Pennsylvania, 1759.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: [PATCH] fix for unescaped etag in mod dav checkout.
Posted by Philip Martin <ph...@codematters.co.uk>.
Clark Rawlins <cl...@bit63.org> writes:
> On Fri, Sep 27, 2002 at 04:53:56PM +0100, Philip Martin wrote:
> > I tried something similar, and while the above works, the following
> > fails
> >
> > svn mv http://localhost/svn/test/test\&test \
> > http://localhost/svn/test/test\&test2
> > svn up test
> > A test/test&test2
> > D test/test&test
> >
> Philip,
>
> Did you try it with the patch applied?
Yes.
> I tried the above with the pach applied to mod_dav_svn and it worked fine.
> The client was an unpatched Win32 client.
Interesting. I suppose '&' is just an ordinary character on Win32.
Do we have some platform specific escaping code somewhere?
I've raised issue 907 to track this
http://subversion.tigris.org/issues/show_bug.cgi?id=907
--
Philip Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: [PATCH] fix for unescaped etag in mod dav checkout.
Posted by Clark Rawlins <cl...@bit63.org>.
On Fri, Sep 27, 2002 at 04:53:56PM +0100, Philip Martin wrote:
> I tried something similar, and while the above works, the following
> fails
>
> svn mv http://localhost/svn/test/test\&test \
> http://localhost/svn/test/test\&test2
> svn up test
> A test/test&test2
> D test/test&test
>
Philip,
Did you try it with the patch applied?
I tried the above with the pach applied to mod_dav_svn and it worked fine.
The client was an unpatched Win32 client.
Clark
--
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety."
- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
Re: [PATCH] fix for unescaped etag in mod dav checkout.
Posted by Philip Martin <ph...@codematters.co.uk>.
Clark Rawlins <cl...@bit63.org> writes:
> This small patch fixes a problem where etags sometimes can contain
> unescaped & characters.
>
> To reproduce:
> svnadmin create test
> {configure apache to use test as a repos}
> svn co http://localhost/svn/test
> cd test
> touch test\&test
> svn add test\&test
> svn commit -m "Add file with an ampersand in the name."
> cd ..
> rm -rf test
> svn co http://localhost/svn/test
> XML parse error here!
>
> This five line patch fixes the problem.
I tried something similar, and while the above works, the following
fails
svn mv http://localhost/svn/test/test\&test \
http://localhost/svn/test/test\&test2
svn up test
A test/test&test2
D test/test&test
> Index: repos.c
> ===================================================================
> --- repos.c
> +++ repos.c 2002-09-26 22:27:44.000000000 -0500
> @@ -1597,6 +1597,7 @@
> {
> svn_error_t *serr;
> svn_revnum_t created_rev;
> + const char *quoted_path;
>
> /* if the resource doesn't exist, isn't a simple REGULAR or VERSION
> resource, or it is a Baseline, then it has no etag. */
> @@ -1616,9 +1617,12 @@
> /* ### what to do? */
> return "";
> }
> +
> + quoted_path = apr_xml_quote_string(resource->pool,
> + resource->info->repos_path, 1);
>
> return apr_psprintf(resource->pool, "\"%" SVN_REVNUM_T_FMT "/%s\"",
> - created_rev, resource->info->repos_path);
> + created_rev, quoted_path);
> }
>
> static dav_error * dav_svn_set_headers(request_rec *r,
--
Philip Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org