On Thu, Aug 8, 2013 at 1:08 AM, Ben Reser <b...@reser.org> wrote:
> On Wed, Aug 7, 2013 at 1:03 PM, Roderich Schupp
> <roderich.sch...@gmail.com> wrote:
>> Err... the cache apr_hash_t by construction cannot contain keys (i.e. paths)
>> that are not in the authz file also, so is bounded by the size of the
>> corresponding svn_config_t. In fact, one could precompute the maximal
>> cache on the first call to svn_repos_authz_check_access() by
>> iterating over all paths in svn_config_t.
>
> Yes that's true. I know there are people out there with very large
> authz files though. Your cache isn't going to use much extra memory
> for most connections. But an attacker can deliberately use more. I
> agree in many if not most cases that still won't be an issue, but it's
> an issue that at a minimum we have to point out to our admins.
>
I don't see a problem here: in the worst scenario the cache size would be the
same as the authorization file. So even for large authorization files memory
usage will be limited.

Other approaches are:
1. Use an svn_cache__t object to store cached values.
2. Factor out the configuration file parser and store authorization settings
   in our own hash table with interesting cached values.

--
Ivan Zhakov
CTO | VisualSVN | http://www.visualsvn.com