Details
-
Type:
Bug
-
Status: In Progress
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 1.9.7
-
Fix Version/s: None
-
Component/s: libsvn_fs_fs
-
Labels:None
Description
As discussed
Email to dev@, from Philip Martin, 2018-03-03, "Re: SHA-1 collision in repository?", archived at mail-archives.apache.org, svn.haxx.se
There is an error in the checksum code added to 1.9.7 to detect SHA1 collisions. The expanded length is calculated incorrectly and when the delta length is a multiple of 16K the checksum calculation stops early and fails.
Symptom: Commits fail with a false "Filesystem is corrupt" error.