Uwe Stuehler <subversion-lists@bsdx.de>

r965551, r963741

r965551 | stsp | 2010-07-19 11:27:09 -0500 (Mon, 19 Jul 2010)

As part of addressing issue #3620, make 'svn add' properly validate targets.
This fixes a user-triggerable assertion.

This is just a small start of a comprehensive path/URL input validation audit
that needs to be performed to properly fix issue #3620. So similar commits
for other subcommands will follow.

Also, introduce a new regression test suite for testing input validation.
This only tests 'svn add' for now, but more tests will follow.

Input validation is done both right beneath the client API layer and
within the CLI client. This makes sure that our CLI client behaves well,
i.e. it won't ask the client library to perform operations it knows might
fail due to invalid input. The checks within the client library help third-
party clients which don't perform proper input validation even though they

* subversion/libsvn_client/add.c
  (svn_client_add4): Raise an error if the path to be added looks like a URL.

* subversion/svn/add-cmd.c
  (svn_cl__add): Raise an error if any of the targets supplied by the
   user look like URLs. Heed our own API requirements by canonicalizing
   paths before passing them to the client library [Note from the future:
   This part was reverted in r965854 because paths were already canonicalized].
   Rename a subpool to iterpool while here, since the pool is used in a loop.

* subversion/tests/cmdline/input_validation_tests.py: New.

Patch by: Uwe Stuehler <subversion-lists@bsdx.de>

r963741 | stsp | 2010-07-13 09:46:05 -0500 (Tue, 13 Jul 2010)

* subversion/libsvn_client/cmdline.c:
  (check_root_url_of_target): Catch SVN_ERR_WC_PATH_NOT_FOUND in addition
  to other similar error codes, allowing argument processing to continue
  as expected.

Patch by: Uwe Stuehler <subversion-lists@bsdx.de>
log message tweaked by me