subversion-users mailing list archives

From Bart van der Schans
Subject Segfault in svn when not allowed to read config (v1.8.10)
Date Wed, 19 Nov 2014 22:11:14 GMT

Hi all,

Today I ran into the following issue: when running svn help/status/etc
with a user that is not allowed to read its config directory, the
command exits with a segfault. Of course this is a bit of a corner
case but it's probably easy to fix. As requested by the "reporting
issues" page I will first run this by the users list.

The analysis:
svn --version
svn, version 1.8.10 (r1615264)
   compiled Aug 14 2014, 16:55:24 on x86_64-unknown-linux-gnu

(gdb) run
Starting program: /usr/local/bin/svn status
[Thread debugging using libthread_db enabled]
svn: warning: W000013: Can't open file
'/home/user/.subversion/servers': Permission denied

Program received signal SIGSEGV, Segmentation fault.
find_entry (ht=0x0, key=0x420d17, klen=-1, val=0x0) at tables/apr_hash.c:293
293 tables/apr_hash.c: No such file or directory.
in tables/apr_hash.c
(gdb) bt
#0  find_entry (ht=0x0, key=0x420d17, klen=-1, val=0x0) at tables/apr_hash.c:293
#1  0x00007ffff562956b in apr_hash_get (ht=0x0, key=0x420d17, klen=-1)
at tables/apr_hash.c:367
#2  0x000000000041d1f7 in sub_main (argc=<value optimized out>,
argv=<value optimized out>, pool=0x64c2b8)
    at subversion/svn/svn.c:2583

Looking at the code in svn.c the following seems to happen:

Around line 2514 cfg_hash is set to NULL when the directory is inaccessible:

      /* Fallback to default config if the config directory isn't readable
         or is not a directory. */
      if (APR_STATUS_IS_EACCES(err->apr_err)
          || SVN__APR_STATUS_IS_ENOTDIR(err->apr_err))
        {
          svn_handle_warning2(stderr, err, "svn: ");
          cfg_hash = NULL;
        }

Then on line 2583 the cfg_hash is accessed resulting in the segfault:

  cfg_config = svn_hash_gets(cfg_hash, SVN_CONFIG_CATEGORY_CONFIG);

Should I proceed with creating an issue? Is it safe to just remove the
cfg_hash = NULL line? It looks like the config is wiped rather than
reset to its defaults.
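
Added example, not part of the original message and not Subversion's code: a self-contained C sketch of the pattern in the report, where a config table left NULL after a permission error is looked up later, with two guards against the crash. The types, function names and sample values are hypothetical stand-ins for the APR hash and the svn.c startup path.

```c
#include <errno.h>
#include <string.h>

/* Hypothetical stand-in for the config hash; not APR's apr_hash_t. */
struct cfg_entry { const char *key, *value; };
struct cfg_table { const struct cfg_entry *entries; size_t count; };

/* Constructed sample data: one table "read from disk", one of defaults. */
static const struct cfg_entry file_entries[] = { { "config", "from-file" } };
static const struct cfg_entry default_entries[] = { { "config", "defaults" } };
static const struct cfg_table file_table = { file_entries, 1 };
static const struct cfg_table default_table = { default_entries, 1 };

/* Simulated loader: returns 0 and a table, or an errno value and NULL. */
static int load_config(int simulated_errno, const struct cfg_table **out)
{
    *out = simulated_errno ? NULL : &file_table;
    return simulated_errno;
}

/* Guard 1: a NULL table behaves like a missing key, never a dereference. */
static const char *cfg_get(const struct cfg_table *t, const char *key)
{
    if (t == NULL)
        return NULL;
    for (size_t i = 0; i < t->count; i++)
        if (strcmp(t->entries[i].key, key) == 0)
            return t->entries[i].value;
    return NULL;
}

/* Guard 2: on EACCES/ENOTDIR fall back to defaults; other errors abort. */
static int startup(int simulated_errno, const char **config_value)
{
    const struct cfg_table *cfg = NULL;
    int err = load_config(simulated_errno, &cfg);
    if (err == EACCES || err == ENOTDIR)
        cfg = &default_table;
    else if (err != 0)
        return err;
    *config_value = cfg_get(cfg, "config");
    return 0;
}

int main(void)
{
    const char *v = NULL;
    return startup(EACCES, &v) == 0 && v != NULL ? 0 : 1;
}
```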

