On Wed, Mar 27, 2013 at 7:20 PM, C. Michael Pilato <cmpil...@collab.net> wrote: > On 03/27/2013 11:03 AM, Stefan Sperling wrote: >> On Wed, Mar 27, 2013 at 10:52:04AM -0400, C. Michael Pilato wrote: >>>> I think we'll have to block these paths at the FS layer. >>> >>> If FSFS is fundamentally unable to support these types of paths, then sure, >>> let's go ahead and protect against the failure at that level. But please >>> don't overreach here -- block only the paths that FSFS simply cannot deal >>> with. There have been other tools built atop the FS layer in the past >>> (wikis, etc.) and could be in the future -- this is, after all, why we have >>> distinct FS and repos APIs -- and we shouldn't be artificially limiting what >>> folks can do with the that API. >> >> That's fine. The fix I've committed and proposed for backport applies >> the large hammer and blocks any control characters. If there's a case >> to be made for relaxing this check I'm happy to do that. > > Sorry, but I'm -1 on that change. How did this expand from "trailing > newlines" to "any control character"? > I'm with Mike here. Another problem that you used svn_path_check() API to validate incoming name. But svn_path_check() is to validate disk file names, not FS filenames.
-- Ivan Zhakov
