On Mon, May 18, 2015 at 1:16 AM, Daniel Shahaf <d...@daniel.shahaf.name>
wrote:
> Stefan,
>
> How about the following patch to sanity check the rev file footer?
>
Committed as r1680460 with a minor modification.
>
> Index: subversion/libsvn_fs_fs/low_level.c
> ===================================================================
> --- subversion/libsvn_fs_fs/low_level.c (revision 1679906)
> +++ subversion/libsvn_fs_fs/low_level.c (working copy)
> @@ -196,9 +196,10 @@ svn_fs_fs__parse_footer(apr_off_t *l2p_offset,
> svn_checksum_t **p2l_checksum,
> svn_stringbuf_t *footer,
> svn_revnum_t rev,
> + svn_filesize_t filesize,
> apr_pool_t *result_pool)
> {
> - apr_int64_t val;
> + apr_uint64_t val;
>
File size and offsets are signed ints. So, I kept i64 here ...
> char *last_str = footer->data;
>
> /* Get the L2P offset. */
> @@ -207,7 +208,8 @@ svn_fs_fs__parse_footer(apr_off_t *l2p_offset,
> return svn_error_create(SVN_ERR_FS_CORRUPT, NULL,
> _("Invalid revision footer"));
>
> - SVN_ERR(svn_cstring_atoi64(&val, str));
> + SVN_ERR_W(svn_cstring_strtoui64(&val, str, 0, filesize-1, 10),
> + "Invalid L2P offset in revision footer");
>
... and used svn_cstring_strtoi64() here to prevent implicit
conversions.
Thanks for the patch!
-- Stefan^2.
