[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] test: fix segfault in networkxml2argvtest



Hello Laine,

On Thursday 05 April 2012 09:32:45 Laine Stump wrote:
> This bug resolves https://bugzilla.redhat.com/show_bug.cgi?id=810100
>
> rpm builds for i686 were failing with a segfault in
> networkxml2argvtest. Running under valgrind showed that a region of
> memory was being referenced after it had been freed (as the result of
> realloc - see the valgrind report in the BZ).

Thanks for fixing that bug. My fault.

> The problem (in replaceTokens() - added in commit 22ec60, meaning this
> bug was in 0.9.10 and 0.9.11) was that the pointers token_start and
> token_end were being computed based on the value of *buf, then *buf
> was being realloc'ed (potentially moving it), then token_start and
> token_end were used without recomputing them to account for movement
> of *buf.
>
> The solution is to change the code so that token_start and token_end
> are offsets into *buf rather than pointers. This way there is only a
> single pointer to the buffer, and nothing needs readjusting after a
> realloc. (You may note that some uses of token_start/token_end didn't
> need to be changed to add in "*buf +" - that's because there ended up
> being a +*buf and -*buf which canceled each other out).
>
> DV gets the credit for finding this bug and pointing out the valgrind
> report.

Look good.
Reviewd-by: Philipp Hahn <hahn univention de>

Sincerely
Philipp
-- 
Philipp Hahn           Open Source Software Engineer      hahn univention de
Univention GmbH        be open.                       fon: +49 421 22 232- 0
Mary-Somerville-Str.1  D-28359 Bremen                 fax: +49 421 22 232-99
                                                   http://www.univention.de/

Attachment: signature.asc
Description: This is a digitally signed message part.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]