[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Cvs-cvs] ccvs/src ChangeLog rcs.c [cvs1-11-x-branch]
|
From: |
Larry Jones |
|
Subject: |
[Cvs-cvs] ccvs/src ChangeLog rcs.c [cvs1-11-x-branch] |
|
Date: |
Thu, 21 Oct 2010 13:24:16 +0000 |
CVSROOT: /cvsroot/cvs
Module name: ccvs
Branch: cvs1-11-x-branch
Changes by: Larry Jones <scjones> 10/10/21 13:24:15
Modified files:
src : ChangeLog rcs.c
Log message:
* rcs.c (apply_rcs_changes): Correct deltatext position sanity
checks. Keep lines in sync so that linevector_free() doesn't
try to free garbage.
CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/ccvs/src/ChangeLog?cvsroot=cvs&only_with_tag=cvs1-11-x-branch&r1=1.2336.2.515&r2=1.2336.2.516
http://cvs.savannah.gnu.org/viewcvs/ccvs/src/rcs.c?cvsroot=cvs&only_with_tag=cvs1-11-x-branch&r1=1.262.4.65&r2=1.262.4.66
Patches:
Index: ChangeLog
===================================================================
RCS file: /cvsroot/cvs/ccvs/src/ChangeLog,v
retrieving revision 1.2336.2.515
retrieving revision 1.2336.2.516
diff -u -b -r1.2336.2.515 -r1.2336.2.516
--- ChangeLog 19 Jul 2009 04:03:20 -0000 1.2336.2.515
+++ ChangeLog 21 Oct 2010 13:24:14 -0000 1.2336.2.516
@@ -1,3 +1,9 @@
+2010-10-21 Larry Jones <address@hidden>
+
+ * rcs.c (apply_rcs_changes): Correct deltatext position sanity
+ checks. Keep lines in sync so that linevector_free() doesn't
+ try to free garbage.
+
2009-07-18 Derek R. Price <address@hidden>
* subr.c (sleep_past): Don't assume that time() called after
Index: rcs.c
===================================================================
RCS file: /cvsroot/cvs/ccvs/src/rcs.c,v
retrieving revision 1.262.4.65
retrieving revision 1.262.4.66
diff -u -b -r1.262.4.65 -r1.262.4.66
--- rcs.c 7 May 2008 15:34:16 -0000 1.262.4.65
+++ rcs.c 21 Oct 2010 13:24:15 -0000 1.262.4.66
@@ -7128,7 +7128,7 @@
struct deltafrag *dfhead;
struct deltafrag **dftail;
struct deltafrag *df;
- unsigned long numlines, lastmodline, offset;
+ unsigned long numlines, offset;
struct linevector lines;
int err;
@@ -7202,12 +7202,12 @@
/* New temp data structure to hold new org before
copy back into original structure. */
- lines.nlines = lines.lines_alloced = numlines;
+ lines.lines_alloced = numlines;
lines.vector = xmalloc (numlines * sizeof *lines.vector);
/* We changed the list order to first to last -- so the
list never gets larger than the size numlines. */
- lastmodline = 0;
+ lines.nlines = 0;
/* offset created when adding/removing lines
between new and original structure */
@@ -7216,25 +7216,24 @@
for (df = dfhead; df != NULL; )
{
unsigned int ln;
- unsigned long deltaend;
+ unsigned long newpos = df->pos - offset;
- if (df->pos > orig_lines->nlines)
+ if (newpos < lines.nlines || newpos > numlines)
err = 1;
/* On error, just free the rest of the list. */
if (!err)
{
- /* Here we need to get to the line where the next insert will
+ /* Here we need to get to the line where the next change will
begin, which is DF->pos in ORIG_LINES. We will fill up to
DF->pos - OFFSET in LINES with original items. */
- for (deltaend = df->pos - offset;
- lastmodline < deltaend;
- lastmodline++)
+ while (lines.nlines < newpos)
{
/* we need to copy from the orig structure into new one */
- lines.vector[lastmodline] =
- orig_lines->vector[lastmodline + offset];
- lines.vector[lastmodline]->refcount++;
+ lines.vector[lines.nlines] =
+ orig_lines->vector[lines.nlines + offset];
+ lines.vector[lines.nlines]->refcount++;
+ lines.nlines++;
}
switch (df->type)
@@ -7247,6 +7246,11 @@
int nextline_newline;
size_t nextline_len;
+ if (newpos + df->nlines > numlines)
+ {
+ err = 1;
+ break;
+ }
textend = df->new_lines + df->len;
nextline_newline = 0;
nextline_text = df->new_lines;
@@ -7271,8 +7275,7 @@
q->has_newline = nextline_newline;
q->refcount = 1;
memcpy (q->text, nextline_text, nextline_len);
- lines.vector[lastmodline++] = q;
- offset--;
+ lines.vector[lines.nlines++] = q;
nextline_text = (char *)p + 1;
nextline_newline = 0;
@@ -7286,11 +7289,11 @@
q->has_newline = nextline_newline;
q->refcount = 1;
memcpy (q->text, nextline_text, nextline_len);
- lines.vector[lastmodline++] = q;
+ lines.vector[lines.nlines++] = q;
/* For each line we add the offset between the #'s
decreases. */
- offset--;
+ offset -= df->nlines;
break;
}
@@ -7301,14 +7304,20 @@
if (df->pos + df->nlines > orig_lines->nlines)
err = 1;
else if (delvers)
+ {
for (ln = df->pos; ln < df->pos + df->nlines; ++ln)
+ {
if (orig_lines->vector[ln]->refcount > 1)
+ {
/* Annotate needs this but, since the original
* vector is disposed of before returning from
* this function, we only need keep track if
* there are multiple references.
*/
orig_lines->vector[ln]->vers = delvers;
+ }
+ }
+ }
break;
}
}
@@ -7328,21 +7337,20 @@
else
{
/* add the rest of the remaining lines to the data vector */
- for (; lastmodline < numlines; lastmodline++)
+ while (lines.nlines < numlines)
{
/* we need to copy from the orig structure into new one */
- lines.vector[lastmodline] = orig_lines->vector[lastmodline
+ lines.vector[lines.nlines] = orig_lines->vector[lines.nlines
+ offset];
- lines.vector[lastmodline]->refcount++;
+ lines.vector[lines.nlines]->refcount++;
+ lines.nlines++;
}
/* Move the lines vector to the original structure for output,
* first deleting the old.
*/
linevector_free (orig_lines);
- orig_lines->vector = lines.vector;
- orig_lines->lines_alloced = numlines;
- orig_lines->nlines = lines.nlines;
+ *orig_lines = lines;
}
return !err;
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Cvs-cvs] ccvs/src ChangeLog rcs.c [cvs1-11-x-branch],
Larry Jones <=