Date: Thu, 5 Dec 2002 16:01:50 +0200
From: Ruslan Ermilov
To: Peter Wemm
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/contrib/cvs - Imported sources
Message-ID: <20021205140150.GA54031@sunbay.com>
In-Reply-To: <200212020313.gB23Djbp002914@repoman.freebsd.org>

On Sun, Dec 01, 2002 at 07:13:45PM -0800, Peter Wemm wrote:
> peter 2002/12/01 19:13:45 PST
>
> src/contrib/cvs - Imported sources
> Update of /home/ncvs/src/contrib/cvs
> In directory repoman.freebsd.org:/tmp/cvs-serv2827
>
> Log Message:
> Import cvs-1.11.2.1 as of 2002/12/01 onto vendor branch. This fixes all
> of the bugs that I know of.
>

Here's one more (with the patch attached). The line numbers are
slightly different because I'm running with some unrelated local
patches (that add PAM support to cvs server code).

The first server_cleanup() calls ``(void) buf_flush (buf_to_net, 1);''
at its very end, and this triggers another server_cleanup() that
causes the dereference of a null pointer in the patched code fragment.

Core was generated by `cvs'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libgnuregex.so.2...done.
Reading symbols from /usr/lib/libmd.so.2...done.
Reading symbols from /usr/lib/libcrypt.so.2...done.
Reading symbols from /usr/lib/libz.so.2...done.
Reading symbols from /usr/lib/libpam.so.1...done.
Reading symbols from /usr/lib/libc.so.4...done.
Reading symbols from /usr/lib/pam_skey.so...done.
Reading symbols from /usr/lib/libskey.so.2...done.
Reading symbols from /usr/lib/pam_unix.so...done.
Reading symbols from /usr/lib/libutil.so.3...done.
Reading symbols from /usr/libexec/ld-elf.so.1...done.
#0  buf_shutdown (buf=0x0)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/buffer.c:1208
1208        if (buf->shutdown)
(gdb) bt
#0  buf_shutdown (buf=0x0)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/buffer.c:1208
#1  0x8088edf in server_cleanup (sig=0)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/server.c:4901
#2  0x805f1ff in error_exit ()
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/error.c:71
#3  0x805f4c7 in error (status=1, errnum=0, message=0x80acaf9 "received %s signal")
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/error.c:212
#4  0x806e4ee in main_cleanup (sig=13)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/main.c:395
#5  0x8093c20 in SIG_handle (sig=13)
    at /usr/src/gnu/usr.bin/cvs/lib/../../../../contrib/cvs/lib/sighandle.c:156
#6  0xbfbfffac in ?? ()
#7  0x804d99d in buf_send_output (buf=0x80c3040)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/buffer.c:287
#8  0x804da44 in buf_flush (buf=0x80c3040, block=1)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/buffer.c:352
#9  0x8088f6b in server_cleanup (sig=0)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/server.c:5017
#10 0x80894a2 in server (argc=1, argv=0xbfbffccc)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/server.c:5244
#11 0x806f083 in main (argc=1, argv=0xbfbffccc)
    at /usr/src/gnu/usr.bin/cvs/cvs/../../../../contrib/cvs/src/main.c:1028
#12 0x804a6ed in _start ()

Cheers,
-- 
Ruslan Ermilov          Sysadmin and DBA,
ru@sunbay.com           Sunbay Software AG,
ru@FreeBSD.org          FreeBSD committer,
+380.652.512.251        Simferopol, Ukraine

http://www.FreeBSD.org  The Power To Serve
http://www.oracle.com   Enabling The Information Age

Index: server.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/contrib/cvs/src/server.c,v retrieving revision 1.17 diff -u -p -r1.17 server.c --- server.c 2 Dec 2002 03:17:49 -0000 1.17 +++ server.c 5 Dec 2002 13:49:52 -0000 
@@ -4889,11 +4889,14 @@ server_cleanup (sig) * have generated any final output, we shut down BUF_TO_NET. */ =20 - status =3D buf_shutdown (buf_from_net); - if (status !=3D 0) - error (0, status, "shutting down buffer from client"); - buf_free (buf_from_net); - buf_from_net =3D NULL; + if (buf_from_net !=3D NULL) + { + status =3D buf_shutdown (buf_from_net); + if (status !=3D 0) + error (0, status, "shutting down buffer from client"); + buf_free (buf_from_net); + buf_from_net =3D NULL; + } } =20 if (dont_delete_temp)
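
Review bot: the new NULL check covers only the case where the first pass has already finished with the buffer; inside the guarded block `buf_free (buf_from_net);` still runs before `buf_from_net = NULL;`, so a signal that re-enters server_cleanup() between those two statements would find a non-NULL pointer to an already freed buffer and shut it down and free it a second time. Copying the pointer to a local, clearing the global first, and then calling buf_shutdown() and buf_free() on the local would cover both cases. A short comment stating that the check exists because server_cleanup() can be re-entered from the signal path during the final buf_flush() would also keep it from being removed as redundant later.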
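
The re-entry described in the message above, reduced to a stand-alone C program as an added example (not CVS code and not part of the original post). cleanup(), on_sigpipe(), use_guard and run_reentrant_cleanup() are hypothetical names, and raise(SIGPIPE) stands in for the final flush to a client that has disconnected.

```c
/* Added illustration, not CVS source; every name here is hypothetical. */
#include <signal.h>
#include <stdlib.h>

struct buffer { int shutdown; };
static struct buffer *buf_from_net;  /* stand-in for the CVS global */
static int use_guard;                /* 1 = behave like the patched code */
static int cleanup_entries, shutdown_calls;

static void buf_shutdown(struct buffer *buf)
{
    if (buf->shutdown)               /* faults when buf is NULL */
        return;
    buf->shutdown = 1;
    shutdown_calls++;
}

static void cleanup(void)
{
    cleanup_entries++;
    if (!use_guard || buf_from_net != NULL) {
        buf_shutdown(buf_from_net);
        free(buf_from_net);
        buf_from_net = NULL;
    }
    /* Final flush, modelled with raise(): the handler runs before it returns. */
    raise(SIGPIPE);
}

static void on_sigpipe(int sig)
{
    signal(sig, SIG_IGN);            /* disarm: the nested flush stays quiet */
    cleanup();                       /* second entry, as in the backtrace */
}

/* Returns 0 if cleanup ran twice and the buffer was shut down once. */
int run_reentrant_cleanup(int guarded)
{
    use_guard = guarded;
    cleanup_entries = shutdown_calls = 0;
    buf_from_net = calloc(1, sizeof *buf_from_net);
    if (buf_from_net == NULL)
        return -1;
    signal(SIGPIPE, on_sigpipe);
    cleanup();
    signal(SIGPIPE, SIG_DFL);
    return (cleanup_entries == 2 && shutdown_calls == 1) ? 0 : 1;
}

int main(void) { return run_reentrant_cleanup(1); }
```

Calling run_reentrant_cleanup(0) takes the unguarded path and faults in buf_shutdown() on the second entry, matching frame #0 of the backtrace.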