You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by st...@apache.org on 2019/09/03 14:35:05 UTC
svn commit: r1866322 - /subversion/trunk/subversion/svnserve/serve.c
Author: stsp
Date: Tue Sep 3 14:35:05 2019
New Revision: 1866322
URL: http://svn.apache.org/viewvc?rev=1866322&view=rev
Log:
Use more of the new _safe variants of canonicalization functions.
* subversion/svnserve/serve.c
(find_repos): Use svn_dirent_canonicalize_safe() instead of
svn_dirent_canonicalize().
Modified:
subversion/trunk/subversion/svnserve/serve.c
Modified: subversion/trunk/subversion/svnserve/serve.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/svnserve/serve.c?rev=1866322&r1=1866321&r2=1866322&view=diff
==============================================================================
--- subversion/trunk/subversion/svnserve/serve.c (original)
+++ subversion/trunk/subversion/svnserve/serve.c Tue Sep 3 14:35:05 2019
@@ -3893,6 +3893,7 @@ find_repos(const char *url,
apr_pool_t *scratch_pool)
{
const char *path, *full_path, *fs_path, *hooks_env, *canonical_path;
+ const char *canonical_root;
svn_stringbuf_t *url_buf;
svn_boolean_t sasl_requested;
@@ -3919,8 +3920,9 @@ find_repos(const char *url,
"Couldn't determine repository path");
/* Join the server-configured root with the client path. */
- full_path = svn_dirent_join(svn_dirent_canonicalize(root, scratch_pool),
- path, scratch_pool);
+ SVN_ERR(svn_dirent_canonicalize_safe(&canonical_root, NULL, root,
+ scratch_pool, scratch_pool));
+ full_path = svn_dirent_join(canonical_root, path, scratch_pool);
/* Search for a repository in the full path. */
repository->repos_root = svn_repos_find_root_path(full_path, result_pool);
@@ -3941,7 +3943,7 @@ find_repos(const char *url,
svn_path_remove_components(url_buf,
svn_path_component_count(repository->fs_path->data));
repository->repos_url = url_buf->data;
- repository->authz_repos_name = svn_dirent_is_child(root,
+ repository->authz_repos_name = svn_dirent_is_child(canonical_root,
repository->repos_root,
result_pool);
if (repository->authz_repos_name == NULL)