[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Seg fault in 1.12.5
From: |
Steve McIntyre |
Subject: |
Re: Seg fault in 1.12.5 |
Date: |
Sun, 22 Feb 2004 01:44:49 +0000 |
User-agent: |
Mutt/1.5.5.1+cvs20040105i |
On Sat, Feb 21, 2004 at 04:58:50PM +0000, Steve McIntyre wrote:
>Guys,
>
>I've just had a bug reported in Debian about 1.12.5:
>
>===========================================================================
>
>$ cvs update -jupstream_version_2_12_0-CVS20031225
>-jupstream_version_2_13_0-rc1-CVS20040221
>AUTHORS already contains the differences between 1.1.1.1 and 1.1.1.2
>ChangeLog already contains the differences between 1.1.1.3 and 1.1.1.5
>INSTALL already contains the differences between 1.1.1.1 and 1.1.1.3
>R INSTALL.jp
>Makefile.am already contains the differences between 1.1.1.3 and
>1.1.1.5
>cvs update: use `cvs add' to create an entry for `Makefile.in'
>Segmentation fault
>
>See attached ltrace. Tarball of the repository is available upon
>request.
>
>Severity grave because:
> 1) This renders cvs unusable if you hit the bug
> 2) strcmp something to NULL makes me suspicious that it is part of
> a security hole
>
>This bug was reproduced in the 1.12.2-2 version of the package.
>Package version 1.12.1-7 did not exibit the bug. (I love
>snapshot.debian.net
>:) ), and managed to apply the update.
Looks like I've maybe found it - it's simply the check around the new
optimisations in join_file():
+ /* If we know that the user file is up-to-date, then it becomes an
+ * optimization to skip the merge when rev2 is the same as the base
+ * revision. i.e. we know that diff3(file2,file1,file2) will produce
+ * file2. Note: If rev1 did not exist in the file (rev1 == NULL),
+ * be silent.
+ */
+ if (vers->ts_user
+ && strcmp (vers->ts_user, vers->ts_rcs) == 0
+ && strcmp (rev2, vers->vn_user) == 0)
+ {
+ if (!really_quiet && rev1 != NULL)
+ {
+ cvs_output (finfo->fullname, 0);
+ cvs_output (" already contains the differences between ", 0);
+ cvs_output (rev1, 0);
+ cvs_output (" and ", 0);
+ cvs_output (rev2, 0);
+ cvs_output ("\n", 1);
+ }
+
Simply replacing the outer check with the old (1.12.1) code:
if (vers->vn_user != NULL && strcmp (rev2, vers->vn_user) == 0)
_seems_ to work, but I don't pretend to be able to follow this code at
1.30AM. Hopefully I've helped point somebody to the right area of the
code here...
--
Steve McIntyre, Cambridge, UK. steve@einval.com
We don't need no education.
We don't need no thought control.
signature.asc
Description: Digital signature