[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: CVS lockdir bug with repository symlinks
|
From: |
Ambalu, Robert |
|
Subject: |
RE: CVS lockdir bug with repository symlinks |
|
Date: |
Tue, 23 Mar 2004 14:32:04 -0500 |
Hey guys,
Looks like I totally dropped the ball on this one and now its starting to
bite us since we cant update to the latest rev without a manual merge of the
code.
Can we revisit this bugfix?
Please let me know if you need anything, here's the diff from lock.c in cvs
rev 1.11.2.
You'll probably have to #define realpath( path ) path to get this to compile
on NT though.
Thanks
- Rob
--- lock.c 28 Nov 2002 00:50:00 -0000 1.1.1.1
+++ lock.c 24 Jan 2003 18:01:05 -0000 1.4
@@ -158,6 +158,10 @@
mode_t save_umask;
int saved_umask = 0;
+ /*full path in actual repository, less relative portions and
+ symbolic links*/
+ char real_path[PATH_MAX];
+
if (lock_dir == NULL)
{
/* This is the easy case. Because the lock files go directly
@@ -176,9 +180,53 @@
assert (current_parsed_root->directory != NULL);
assert (strncmp (repository, current_parsed_root->directory,
strlen (current_parsed_root->directory)) == 0);
- short_repos = repository + strlen (current_parsed_root->directory) +
1;
- if (strcmp (repository, current_parsed_root->directory) == 0)
+ /*in order to avoid problems with symlinks in the repository, which
would
+ lead to putting locks in the wrong directories, expand the given
path
+ to give the REAL path to the directory we are accessing*/
+ if(realpath(repository, real_path)==NULL)
+ {
+ error(1, errno, "Error evaluating real path for %s",
repository);
+ }
+
+ /*if realpath != original given path, then some symlink or possibly
+ relative dirs were expanded, run extra checks on expanded path,
such
+ as making sure it exists and making sure it points to somewhere
within
+ the repository*/
+ if(strcmp(real_path, repository))
+ {
+
+ /*check if evaluated path actually exists, this may be
overkill
+ but doesn't hurt to check*/
+ if(access(real_path, F_OK))
+ {
+ error(1, 0, "path %s evaluated to non-existant
location %s",
+ repository, real_path);
+ }
+
+ /*check to make sure evaluated path still remains in the
repository,
+ simply check the path against the cvs root dir*/
+ if(strncmp (real_path, current_parsed_root->directory,
+
strlen(current_parsed_root->directory)))
+ {
+ if(islink(repository))
+ {
+ error(1, 0, "Error: path %s (symlink to %s)
leads out of repository",
+ repository, real_path);
+ }
+ else
+ error(1, 0, "Error: path %s leads out of
repository",
+ repository);
+ }
+ }
+ else
+ {
+ strcpy(real_path, repository);
+ }
+
+ short_repos = real_path + strlen(current_parsed_root->directory) +
1;
+
+ if (strcmp (real_path, current_parsed_root->directory) == 0)
short_repos = ".";
else
assert (short_repos[-1] == '/');
-----Original Message-----
From: Ambalu, Robert
Sent: Wednesday, July 09, 2003 12:10 PM
To: 'lawrence.jones@eds.com'
Cc: derek@ximbiot.com; bug-cvs@gnu.org
Subject: RE: CVS lockdir bug with repository symlinks
Sorry to bother again, but can you please let me know the status of the
symlink bugfix? Will it be going into the main branch?
-----Original Message-----
From: lawrence.jones@eds.com [mailto:lawrence.jones@eds.com]
Sent: Monday, June 30, 2003 11:49 AM
To: Ambalu, Robert
Cc: derek@ximbiot.com; bug-cvs@gnu.org
Subject: Re: CVS lockdir bug with repository symlinks
Ambalu, Robert writes:
>
> Just wanted to check if there was any update on this?
I've checked in the readers_exist part but I haven't done anything with the
symlinks part. (And I'm not likely to in the near future; perhaps Derek
will.)
-Larry Jones
What a waste to be going to school on a morning like this. -- Calvin
- RE: CVS lockdir bug with repository symlinks,
Ambalu, Robert <=