You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by ko...@apache.org on 2015/03/17 11:17:01 UTC
svn commit: r1667233 - in /subversion/trunk/subversion:
mod_dav_svn/reports/get-location-segments.c svnserve/serve.c
Author: kotkov
Date: Tue Mar 17 10:17:01 2015
New Revision: 1667233
URL: http://svn.apache.org/r1667233
Log:
Reject invalid get-location-segments requests in mod_dav_svn and svnserve.
* subversion/mod_dav_svn/reports/get-location-segments.c
(dav_svn__get_location_segments_report): Extend the sanity check.
* subversion/svnserve/serve.c
(get_location_segments): Extend the sanity check.
Modified:
subversion/trunk/subversion/mod_dav_svn/reports/get-location-segments.c
subversion/trunk/subversion/svnserve/serve.c
Modified: subversion/trunk/subversion/mod_dav_svn/reports/get-location-segments.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/mod_dav_svn/reports/get-location-segments.c?rev=1667233&r1=1667232&r2=1667233&view=diff
==============================================================================
--- subversion/trunk/subversion/mod_dav_svn/reports/get-location-segments.c (original)
+++ subversion/trunk/subversion/mod_dav_svn/reports/get-location-segments.c Tue Mar 17 10:17:01 2015
@@ -177,15 +177,34 @@ dav_svn__get_location_segments_report(co
if (! abs_path)
return dav_svn__new_error_svn(resource->pool, HTTP_BAD_REQUEST, 0,
"Not all parameters passed");
- if (SVN_IS_VALID_REVNUM(start_rev)
- && SVN_IS_VALID_REVNUM(end_rev)
- && (end_rev > start_rev))
+
+ /* No START_REV or PEG_REVISION? We'll use HEAD. */
+ if (!SVN_IS_VALID_REVNUM(start_rev) || !SVN_IS_VALID_REVNUM(peg_revision))
+ {
+ svn_revnum_t youngest;
+
+ serr = svn_fs_youngest_rev(&youngest, resource->info->repos->fs,
+ resource->pool);
+ if (serr != NULL)
+ return dav_svn__convert_err(serr, HTTP_INTERNAL_SERVER_ERROR,
+ "Could not determine youngest revision",
+ resource->pool);
+
+ if (!SVN_IS_VALID_REVNUM(start_rev))
+ start_rev = youngest;
+ if (!SVN_IS_VALID_REVNUM(peg_revision))
+ peg_revision = youngest;
+ }
+
+ /* No END_REV? We'll use 0. */
+ if (!SVN_IS_VALID_REVNUM(end_rev))
+ end_rev = 0;
+
+ if (end_rev > start_rev)
return dav_svn__new_error_svn(resource->pool, HTTP_BAD_REQUEST, 0,
"End revision must not be younger than "
"start revision");
- if (SVN_IS_VALID_REVNUM(peg_revision)
- && SVN_IS_VALID_REVNUM(start_rev)
- && (start_rev > peg_revision))
+ if (start_rev > peg_revision)
return dav_svn__new_error_svn(resource->pool, HTTP_BAD_REQUEST, 0,
"Start revision must not be younger than "
"peg revision");
Modified: subversion/trunk/subversion/svnserve/serve.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svnserve/serve.c?rev=1667233&r1=1667232&r2=1667233&view=diff
==============================================================================
--- subversion/trunk/subversion/svnserve/serve.c (original)
+++ subversion/trunk/subversion/svnserve/serve.c Tue Mar 17 10:17:01 2015
@@ -2506,9 +2506,30 @@ static svn_error_t *get_location_segment
abs_path = svn_fspath__join(b->repository->fs_path->data, relative_path,
pool);
- if (SVN_IS_VALID_REVNUM(start_rev)
- && SVN_IS_VALID_REVNUM(end_rev)
- && (end_rev > start_rev))
+ SVN_ERR(trivial_auth_request(conn, pool, b));
+ SVN_ERR(log_command(baton, conn, pool, "%s",
+ svn_log__get_location_segments(abs_path, peg_revision,
+ start_rev, end_rev,
+ pool)));
+
+ /* No START_REV or PEG_REVISION? We'll use HEAD. */
+ if (!SVN_IS_VALID_REVNUM(start_rev) || !SVN_IS_VALID_REVNUM(peg_revision))
+ {
+ svn_revnum_t youngest;
+
+ SVN_CMD_ERR(svn_fs_youngest_rev(&youngest, b->repository->fs, pool));
+
+ if (!SVN_IS_VALID_REVNUM(start_rev))
+ start_rev = youngest;
+ if (!SVN_IS_VALID_REVNUM(peg_revision))
+ peg_revision = youngest;
+ }
+
+ /* No END_REV? We'll use 0. */
+ if (!SVN_IS_VALID_REVNUM(end_rev))
+ end_rev = 0;
+
+ if (end_rev > start_rev)
{
err = svn_error_createf(SVN_ERR_INCORRECT_PARAMS, NULL,
"Get-location-segments end revision must not be "
@@ -2516,9 +2537,7 @@ static svn_error_t *get_location_segment
return log_fail_and_flush(err, b, conn, pool);
}
- if (SVN_IS_VALID_REVNUM(peg_revision)
- && SVN_IS_VALID_REVNUM(start_rev)
- && (start_rev > peg_revision))
+ if (start_rev > peg_revision)
{
err = svn_error_createf(SVN_ERR_INCORRECT_PARAMS, NULL,
"Get-location-segments start revision must not "
@@ -2526,12 +2545,6 @@ static svn_error_t *get_location_segment
return log_fail_and_flush(err, b, conn, pool);
}
- SVN_ERR(trivial_auth_request(conn, pool, b));
- SVN_ERR(log_command(baton, conn, pool, "%s",
- svn_log__get_location_segments(abs_path, peg_revision,
- start_rev, end_rev,
- pool)));
-
/* All the parameters are fine - let's perform the query against the
* repository. */