Scott Hanselman

browse by category or date

Subversion case-sensitivity problems

January 26, '06 Comments [7] Posted in Subversion | Bugs
Sponsored By

Does anyone out there also running Subversion find this to be a little disconcerting? Stuart does. There are two issues here, first it seems there's a number of asserts in the release builds of Subversion. It appears the code uses asserts when an 'uncomfortable' state is reached - except that asserts halt/panic the server, rather than aborting the current transaction. Probably not what they intended when the started to use asserts.

The second, more acute, problem is that there's a particular assert that will occur when making a branch or tag using a mixed case string for the repository when the server expects a different case. Rephrased: If you tag a repository named http://foo/bar/trunk but you typed in http://foo/Bar/mytag then you'll bring down the entire SVN server. Nice little DoS on any SVN server, right there. The user only needs access to a single repository on that server and they can bring down the whole thing.

The bug's been reported, but I'm not seeing that it's thought of as a big deal. I hope this is fixed soon...for now, I think I'll keep my home repository on CVS. Whew.

« Babies sleeping through the night | Blog Home | Updated January 2006 Blogroll »

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. I am a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by ORCS Web
Comments [7]
Friday, January 27, 2006 3:21:52 AM UTC
How odd. We've been using Subversion for over a year, and I never have seen that problem before. We use mixed case liberally for branches and such, and I know I've used the wrong case (none at all). I wonder if TortoiseSvn sidesteps the problem somehow. We've found Subversion to be wonderful and it solves lots of the headaches we had with CVS. It's far easier to automate things with it as well. I'll have to look into this issue.
Mark Miller
Friday, January 27, 2006 4:23:46 PM UTC
What version of the server are you using?

Do you have any other clients or command line SVNs like CCNET talking to the server?
Scott Hanselman
Friday, January 27, 2006 6:43:36 PM UTC
No worries. Its Open Source, so it's OK.

Think of all the eyes that have seen this code. There is nothing wrong. There can't be. It's purely perception.
Jeff Key
Friday, January 27, 2006 7:30:48 PM UTC
We're running SVN 1.1 on Apache 2.0. I can't see justification to abandon all the benefits of SVN over CVS because of a fairly easy to avoid problem like this. BTW, we ARE using ccnet with SVN and have several scripts hooked into the process that run on commit, as well as a Wiki that is automatically cross-referenced with the commit logs to track bugs, features, and sub-projects. We use TortoiseSVN almost exclusively for access to the repository, with the exception of the ccnet integration and backup dumps we do in an automated fashion on a schedule.
Mark Miller
Friday, January 27, 2006 8:17:38 PM UTC
Heh, man, I replied once to this and it crashed my IE...

Anyway, I've also been running SVN for over a year and have never run into any problems like this. However, I use svnserve.exe and not Apache. We talk to SVN with svn.exe, TortizeSVN, AnkhSVN and Draco.NET (which uses svn.exe).

I tend to agree with Mr Miller on this, the benefits of SVN over CVS far outweigh any of the glitches we've run into. And to be honest, the only showstoppers were with the Berkley DB stuff. Modern svnserve.exe's use a FileSystem store instead of Berkley so the compatability issues are basically moot.
Ogre
Saturday, January 28, 2006 5:20:16 AM UTC
I've run into issues with case-sensitivity also, but I still prefer SVN over CVS.

Since subversion is unix based, it will see Foo.txt and foo.txt as 2 different files. So if you have a developer check in foo.txt and you check in Foo.txt, you won't get a conflict.

When you try to update, though, windows see's that as the same file and TortoiseSVN freaks out. It halts the operation and you need to manually remove the bad file and merge it will the good.

Quite annoying, but in the year and a half that I have been using svn, it's only happened twice.
Ben Scheirman
Monday, February 06, 2006 10:16:38 PM UTC
Update: Karl Fogel [1], full-time Subversion developer from CollabNet, said he'd look into the issue [2]. Thanks, Karl!

Ben: Case sensitivity of filenames is a separate issue (and doesn't take down the server for everyone else). Annoying, yes, but different. TortoiseSVN should do a better job, since it is a Windows-only client, but IIRC they had some clever logic to say it isn't their problem to solve.

----
[1] http://www.red-bean.com/kfogel/
[2] http://cs.ferncrk.com/blogs/stuart/archive/2006/01/22/subversion_stunning_revelations.aspx#comments
Stuart Celarier
Comments are closed.

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.