You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Klaus Rennecke <kr...@tigris.org> on 2004/07/04 14:29:18 UTC
Re: svn commit: r10133 - in trunk/subversion: include libsvn_subr
tests/clients/cmdline tests/libsvn_subr
Hmm, I think this will backtrack over the host name in URLs. Interesting
feature, but intended? And I think absolute_path will be wrong for full
URLs except file:///
If there is a schema part, skip initial segment excluding the following
slash? Something like while(*src && *src != '/') { *(dst++) = *(src++);
} perhaps.
Then the following slash which will be swallowed by the next if{} and
trigger absolute_path. And avoid backtracking over the host name.
Host names are case-insensitive by the way, that might be another
transformation if strict equality is a goal. But this may clash with the
callers that use this function for plain file names.
/Klaus
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: svn commit: r10133 - in trunk/subversion: include libsvn_subr tests/clients/cmdline tests/libsvn_subr
Posted by Josh Pieper <jj...@pobox.com>.
Klaus Rennecke wrote:
> Hmm, I think this will backtrack over the host name in URLs. Interesting
> feature, but intended? And I think absolute_path will be wrong for full
> URLs except file:///
>
> If there is a schema part, skip initial segment excluding the following
> slash? Something like while(*src && *src != '/') { *(dst++) = *(src++);
> } perhaps.
>
> Then the following slash which will be swallowed by the next if{} and
> trigger absolute_path. And avoid backtracking over the host name.
You are of course correct, I'll work on fixing it and adding some test
cases.
Speaking of review, after I put this change in, svn_path_canonicalize
could probably use several pairs of extra eyes. I copied most of the
logic from apr_filepath_merge, but that kind of pointer manipulation
is just the kind of code that security holes like to live in.
> Host names are case-insensitive by the way, that might be another
> transformation if strict equality is a goal. But this may clash with the
> callers that use this function for plain file names.
I think it's best to not worry this for now.
-Josh
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org