You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by ph...@apache.org on 2012/07/17 15:17:34 UTC
svn commit: r1362480 - /subversion/trunk/subversion/libsvn_fs/fs-loader.c
Author: philip
Date: Tue Jul 17 13:17:34 2012
New Revision: 1362480
URL: http://svn.apache.org/viewvc?rev=1362480&view=rev
Log:
* subversion/libsvn_fs/fs-loader.c
(load_module): Only allow alphanumeric characters in name.
Suggested by: ivan
Modified:
subversion/trunk/subversion/libsvn_fs/fs-loader.c
Modified: subversion/trunk/subversion/libsvn_fs/fs-loader.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_fs/fs-loader.c?rev=1362480&r1=1362479&r2=1362480&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_fs/fs-loader.c (original)
+++ subversion/trunk/subversion/libsvn_fs/fs-loader.c Tue Jul 17 13:17:34 2012
@@ -110,6 +110,15 @@ load_module(fs_init_func_t *initfunc, co
const char *libname;
const char *funcname;
apr_status_t status;
+ apr_size_t i;
+
+ /* Demand a simple alphanumeric name so that the generated DSO
+ name is sensible. */
+ for (i = 0; i < strlen(name); ++i)
+ if (!svn_ctype_isalnum(name[i]))
+ return svn_error_createf(SVN_ERR_FS_UNKNOWN_FS_TYPE, NULL,
+ _("Invalid name for FS type '%s'"),
+ name);
libname = apr_psprintf(pool, "libsvn_fs_%s-%d.so.0",
name, SVN_VER_MAJOR);
Re: svn commit: r1362480 -
/subversion/trunk/subversion/libsvn_fs/fs-loader.c
Posted by Daniel Shahaf <d....@daniel.shahaf.name>.
Blair Zajac wrote on Tue, Jul 17, 2012 at 09:48:25 -0700:
> On 7/17/12 6:17 AM, philip@apache.org wrote:
> >Author: philip
> >Date: Tue Jul 17 13:17:34 2012
> >New Revision: 1362480
> >
> >URL: http://svn.apache.org/viewvc?rev=1362480&view=rev
> >Log:
> >* subversion/libsvn_fs/fs-loader.c
> > (load_module): Only allow alphanumeric characters in name.
> >
>
> > apr_status_t status;
> >+ apr_size_t i;
> >+
> >+ /* Demand a simple alphanumeric name so that the generated DSO
> >+ name is sensible. */
> >+ for (i = 0; i < strlen(name); ++i)
> >+ if (!svn_ctype_isalnum(name[i]))
> >+ return svn_error_createf(SVN_ERR_FS_UNKNOWN_FS_TYPE, NULL,
> >+ _("Invalid name for FS type '%s'"),
> >+ name);
>
> This code doesn't probably get run often, but generally it's better
> to iterate through name using pointers instead of strlen() since the
> later scans the string twice.
>
Once per iteration of the loop...
(Yes, you both know this, but http://xkcd.com/386/)
> Blair
>
>
Re: svn commit: r1362480 - /subversion/trunk/subversion/libsvn_fs/fs-loader.c
Posted by Philip Martin <ph...@wandisco.com>.
Blair Zajac <bl...@orcaware.com> writes:
> This code doesn't probably get run often, but generally it's better to
> iterate through name using pointers instead of strlen() since the
> later scans the string twice.
Agreed. r1362569.
--
Cerified & Supported Apache Subversion Downloads:
http://www.wandisco.com/subversion/download
Re: svn commit: r1362480 - /subversion/trunk/subversion/libsvn_fs/fs-loader.c
Posted by Blair Zajac <bl...@orcaware.com>.
On 7/17/12 6:17 AM, philip@apache.org wrote:
> Author: philip
> Date: Tue Jul 17 13:17:34 2012
> New Revision: 1362480
>
> URL: http://svn.apache.org/viewvc?rev=1362480&view=rev
> Log:
> * subversion/libsvn_fs/fs-loader.c
> (load_module): Only allow alphanumeric characters in name.
>
> apr_status_t status;
> + apr_size_t i;
> +
> + /* Demand a simple alphanumeric name so that the generated DSO
> + name is sensible. */
> + for (i = 0; i < strlen(name); ++i)
> + if (!svn_ctype_isalnum(name[i]))
> + return svn_error_createf(SVN_ERR_FS_UNKNOWN_FS_TYPE, NULL,
> + _("Invalid name for FS type '%s'"),
> + name);
This code doesn't probably get run often, but generally it's better to iterate
through name using pointers instead of strlen() since the later scans the string
twice.
Blair