Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

Stefan Fuhrmann writes: > I had two basic options to fix the bug. > (1) Use svn_string_compare that is there for exactly that purpose. > (2) Fall back to low-level C-string ops and hope to get it right this time. > > I chose with option (1). We use the "sizeof(define) -1" construct > in at least

Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

On Mon, Feb 9, 2015 at 4:52 PM, Evgeny Kotkov wrote: > Stefan Fuhrmann writes: > > >> As it turns out, this particular micro-optimization makes a data leak > >> possible. This is not a real security issue, as the change happened on > >> trunk and didn't become part of any released version. Sti

Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

Stefan Fuhrmann writes: >> As it turns out, this particular micro-optimization makes a data leak >> possible. This is not a real security issue, as the change happened on >> trunk and didn't become part of any released version. Still, I think >> that we should fix this prior to making 1.9 publi

Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

On Mon, Feb 9, 2015 at 4:38 PM, Branko Čibej wrote: > On 09.02.2015 16:34, Stefan Fuhrmann wrote: > > On Mon, Feb 9, 2015 at 3:05 PM, Evgeny Kotkov > > mailto:evgeny.kot...@visualsvn.com>> > wrote: > > > > I committed a failing test in r1658406. As for fixing this issue, > > I think that

Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

On 09.02.2015 16:34, Stefan Fuhrmann wrote: > On Mon, Feb 9, 2015 at 3:05 PM, Evgeny Kotkov > mailto:evgeny.kot...@visualsvn.com>> wrote: > > I committed a failing test in r1658406. As for fixing this issue, > I think that > we should entirely revert this changeset. > > > Authz perform

Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

On Mon, Feb 9, 2015 at 3:05 PM, Evgeny Kotkov wrote: > Stefan Fuhrmann writes: > > > Within libsvn_repos get_log functionality, pass the list of wanted > revprops > > around as an array of svn_string_t* instead of const char*. The added > length > > info allows for more effient functions to be

Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

On 09.02.2015 15:56, Bert Huijben wrote: > >> -Original Message- >> From: Evgeny Kotkov [mailto:evgeny.kot...@visualsvn.com] >> Sent: maandag 9 februari 2015 15:06 >> To: Subversion Development >> Subject: Re: svn commit: r1483570 - >> /subvers

RE: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

> -Original Message- > From: Evgeny Kotkov [mailto:evgeny.kot...@visualsvn.com] > Sent: maandag 9 februari 2015 15:06 > To: Subversion Development > Subject: Re: svn commit: r1483570 - > /subversion/trunk/subversion/libsvn_repos/log.c > > Stefan Fuhrman

Re: svn commit: r1483570 - /subversion/trunk/subversion/libsvn_repos/log.c

Stefan Fuhrmann writes: > Within libsvn_repos get_log functionality, pass the list of wanted revprops > around as an array of svn_string_t* instead of const char*. The added length > info allows for more effient functions to be used. Do that. [...] > - char *name = APR_ARRAY_IDX(