View Issue Details

ID: 0000690
Project: Subversion for OS/2 & eCS
Category: Bug
View Status: public
Last Update: 2021-04-09 19:22
Reporter: Steven Levine
Assigned To: Steven Levine
Priority: normal
Severity: minor
Reproducibility: sometimes
Status: closed
Resolution: fixed
Platform: OS2/eCS
OS: OS/2 or eComstation
OS Version: 1.x 2.x or 4.5
Product Version:
Target Version:
Fixed in Version: 1.7.x

Summary: 0000690: svn, version 1.7.21 (r1692801) compiled Apr 12 2019, 19:07:53 can trap when svn up detects conflicts.

Description: svn update can still trap intermittently when conflicts are detected.

The workaround is to use

  svn up --accept=postpone

which avoids the prompting and thus avoids the trap.

The .trp file implies either a stack resident buffer overflow or possibly a bad pointer.
Tags: No tags attached.

Relationships

related to 0000689 (closed, Steven Levine): svn 1.7.21 update traps when requiring input (e.g., conflict resolution)

Activities

Steven Levine

2019-06-03 10:26

manager  

041D_01.TRP (80,277 bytes)

Steven Levine

2019-06-04 09:52

manager   ~0003290

The trap is caused by an incompletely initialized apr_file_t in apr_os_file_put().

The other platforms use pcalloc and the OS/2 code was never updated to do the same.

open.c.diff (1,198 bytes)
diff --git a/file_io/os2/open.c b/file_io/os2/open.c
index 1a5932e..be28439 100644
--- a/file_io/os2/open.c
+++ b/file_io/os2/open.c
@@ -95,7 +95,9 @@ APR_DECLARE(apr_status_t) apr_file_open(apr_file_t **new, const char *fname,
     ULONG    CurMaxFH      = 0;          /* Current count of handles         */
     LONG     ReqCount      = 0;          /* Number to adjust file handles    */
 
-    apr_file_t *dafile = (apr_file_t *)apr_palloc(pool, sizeof(apr_file_t));
+    // 2019-06-03 SHL ensure initialized to zeros
+    // apr_file_t *dafile = (apr_file_t *)apr_palloc(pool, sizeof(apr_file_t));
+    apr_file_t *dafile = (apr_file_t *)apr_pcalloc(pool, sizeof(apr_file_t));
 
     if (flag & APR_FOPEN_NONBLOCK) {
         return APR_ENOTIMPL;
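Review bot: The two comment lines added above the apr_pcalloc() call in apr_file_open() use // while the declarations in the same hunk are commented with /* ... */, and the second one keeps the old apr_palloc() line as dead code. Suggest one /* ... */ comment saying that members not assigned later must start as 0/NULL, and dropping the commented-out allocation, since the diff already records it. Separately, the allocation still sits above the APR_FOPEN_NONBLOCK early return, so that path allocates a struct it never uses; moving the allocation below the check would avoid that.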
@@ -265,7 +267,9 @@ APR_DECLARE(apr_status_t) apr_os_file_put(apr_file_t **file, apr_os_file_t *thef
 {
     apr_os_file_t *dafile = thefile;
 
-    (*file) = apr_palloc(pool, sizeof(apr_file_t));
+    // 2019-06-03 SHL ensure initialized to zeros
+    // (*file) = apr_palloc(pool, sizeof(apr_file_t));
+    (*file) = apr_pcalloc(pool, sizeof(apr_file_t));
     (*file)->pool = pool;
     (*file)->filedes = *dafile;
     (*file)->isopen = TRUE;
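Review bot: The comment on the apr_pcalloc() call in apr_os_file_put() says only that the struct is zeroed, not why that matters at this call site: the assignments visible after it set pool, filedes and isopen, so every member not assigned further down now depends on the zero fill. Suggest stating that in the comment, so nobody later swaps the call back as an optimisation, and removing the commented-out apr_palloc() line.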
open.c.diff (1,198 bytes)
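An added illustration of the failure mode named in the note above; it is not code from APR, Subversion or the attached patch. The pool, the 0xA5 fill and the names toy_pool_t, toy_file_t, file_put and looks_sane are assumptions made for the example; only the member names follow those visible in the diffs.

```c
#include <stdlib.h>
#include <string.h>

/* Toy stand-ins, not APR code; member names follow those seen in the diffs. */
typedef struct { unsigned char *base; size_t used, cap; } toy_pool_t;
typedef struct { int filedes, isopen, buffered, flags; const char *fname; } toy_file_t;

static int toy_pool_init(toy_pool_t *p, size_t cap) {
    p->base = malloc(cap);
    if (!p->base) return -1;
    memset(p->base, 0xA5, cap);            /* constructed leftover contents */
    p->used = 0; p->cap = cap;
    return 0;
}

/* Plays the role of apr_palloc(): hands the memory back as it is. */
static void *toy_palloc(toy_pool_t *p, size_t n) {
    void *m = p->base + p->used;
    n = (n + 15u) & ~(size_t)15u;          /* keep later blocks aligned */
    if (p->used + n > p->cap) return NULL;
    p->used += n;
    return m;
}
/* Plays the role of apr_pcalloc(): same block, zero-filled. */
static void *toy_pcalloc(toy_pool_t *p, size_t n) {
    void *m = toy_palloc(p, n);
    if (m) memset(m, 0, n);
    return m;
}

/* Wraps an OS handle but assigns only two members, as a "put" routine might. */
static toy_file_t *file_put(toy_pool_t *p, int fd, int zero_fill) {
    toy_file_t *f = zero_fill ? toy_pcalloc(p, sizeof *f) : toy_palloc(p, sizeof *f);
    if (!f) return NULL;
    f->filedes = fd; f->isopen = 1;        /* buffered, flags, fname untouched */
    return f;
}

/* What later code silently assumes about members nobody assigned. */
static int looks_sane(const toy_file_t *f) {
    return f->buffered == 0 && f->flags == 0 && f->fname == NULL;
}

int main(void) {
    toy_pool_t p;
    if (toy_pool_init(&p, 256)) return 1;
    int ok = !looks_sane(file_put(&p, 3, 0)) && looks_sane(file_put(&p, 4, 1));
    free(p.base);
    return ok ? 0 : 1;
}
```

With the non-zeroing allocator the unassigned members carry whatever the pool last held, including a non-NULL fname that points nowhere useful, which is why such faults show up only sometimes.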

Steven Levine

2019-06-04 09:53

manager   ~0003291

Reminder sent to: psmedley

Please let me know when you have a build to test. Thanks.

Steven Levine

2019-06-04 10:35

manager   ~0003293

pipe.c.diff brings pipe.c into sync with the apr_pcalloc() usage on other platforms.

Steven Levine

2019-06-04 11:03

manager   ~0003294

Last edited: 2019-06-05 11:01

This corrects a typo in the original pipe.c.diff.



pipe.c.diff (1,723 bytes)
diff --git a/file_io/os2/pipe.c b/file_io/os2/pipe.c
index 26925f0..868f561 100644
--- a/file_io/os2/pipe.c
+++ b/file_io/os2/pipe.c
@@ -69,7 +69,9 @@ static apr_status_t file_pipe_create(apr_file_t **in, apr_file_t **out,
         return APR_FROM_OS_ERROR(rc);
     }
 
-    (*in) = (apr_file_t *)apr_palloc(pool_in, sizeof(apr_file_t));
+    // 2019-06-03 SHL Ensure apr_file_t initialized to zeros
+    // (*in) = (apr_file_t *)apr_palloc(pool_in, sizeof(apr_file_t));
+    (*in) = (apr_file_t *)apr_pcalloc(pool_in, sizeof(apr_file_t));
     rc = DosCreateEventSem(NULL, &(*in)->pipeSem, DC_SEM_SHARED, FALSE);
 
     if (rc) {
@@ -96,7 +98,6 @@ static apr_status_t file_pipe_create(apr_file_t **in, apr_file_t **out,
     (*in)->fname = apr_pstrdup(pool_in, pipename);
     (*in)->isopen = TRUE;
     (*in)->buffered = FALSE;
-    (*in)->flags = 0;
     (*in)->pipe = 1;
     (*in)->timeout = -1;
     (*in)->ungetchar = -1;
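Review bot: Removing (*in)->flags = 0; makes that member's value depend entirely on the apr_pcalloc() call introduced in the previous hunk, while the neighbouring (*in)->buffered = FALSE; is still assigned by hand. If the allocation is ever switched back, flags silently becomes indeterminate. Either keep the explicit assignment, which costs nothing, or say in the allocation comment that flags relies on the zero fill.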
@@ -104,13 +105,14 @@ static apr_status_t file_pipe_create(apr_file_t **in, apr_file_t **out,
     apr_pool_cleanup_register(pool_in, *in, apr_file_cleanup,
             apr_pool_cleanup_null);
 
-    (*out) = (apr_file_t *)apr_palloc(pool_out, sizeof(apr_file_t));
+    // 2019-06-03 SHL Ensure apr_file_t initialized to zeros
+    // (*out) = (apr_file_t *)apr_palloc(pool_out, sizeof(apr_file_t));
+    (*out) = (apr_file_t *)apr_pcalloc(pool_out, sizeof(apr_file_t));
     (*out)->pool = pool_out;
     (*out)->filedes = filedes[1];
     (*out)->fname = apr_pstrdup(pool_out, pipename);
     (*out)->isopen = TRUE;
     (*out)->buffered = FALSE;
-    (*out)->flags = 0;
     (*out)->pipe = 2;			// 2014-11-17 SHL mark as client pipe
     (*out)->ungetchar = -1;
     (*out)->timeout = -1;
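Review bot: In the (*out) block the old apr_palloc() line is kept as a // comment directly above its replacement, which is dead code the diff already records; suggest deleting it and keeping a single short comment. The block also ends up mixed: flags is left to apr_pcalloc() while buffered = FALSE is still set explicitly, so pick one convention and apply it to both the (*in) and (*out) initialisation.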
pipe.c.diff (1,723 bytes)

psmedley

2019-06-04 19:03

administrator   ~0003295

http://smedley.id.au/tmp/svn-20190604.zip

Steven Levine

2019-06-05 11:29

manager   ~0003297

http://smedley.id.au/tmp/svn-20190604.zip does not trap on my testcase.

FTR, the testcase script is:

   set X=%$
   echo on
   svn cleanup
   svn revert testee
   svn up testee
   :: force conflict
   echo testee confict >testee
   iff defined X then
     :: retail run
     :: svn up -r2 --accept=mine-conflict testee
     svn up -r2 testee
   else
     :: debug run
     idebug svn up -r2 testee
   endiff
   @echo off

Steven Levine

2019-06-05 11:31

manager   ~0003298

Reminder sent to: LewisR

You should give this build a try. I should resolve your 0000689 issue.

LewisR

2020-01-04 06:44

developer   ~0003379

I have marked 0000689 as resolved. I actually think this is a dupe of that one, as I happened to be testing earlier today with an older build and got a similar trap from that older build (12/2018) when it was simply requesting my username.

IAC, I do not see this happening with this build.

Steven Levine

2020-09-23 05:06

manager   ~0003544

Reminder sent to: LewisR, psmedley

Did I forget to close this one? It's in feedback status, so I was ignoring it until it showed up in one of my other lists.

LewisR

2020-09-23 05:22

developer   ~0003545

I think you did indeed forget to close it.

FTR, I have not seen this with svn.exe 1.14.0 (r1876290) Sep 5 2020, 18:36:39.

Steven Levine

2020-09-23 05:49

manager   ~0003546

The consensus is that this is really fixed in 1.7.x. The patch should have made its way into the 1.14.x builds too.

Issue History

Date Modified Username Field Change
2019-06-03 10:26 Steven Levine New Issue
2019-06-03 10:26 Steven Levine File Added: 041D_01.TRP
2019-06-03 10:27 Steven Levine Relationship added related to 0000689
2019-06-04 09:52 Steven Levine File Added: open.c.diff
2019-06-04 09:52 Steven Levine Note Added: 0003290
2019-06-04 09:52 Steven Levine Assigned To => Steven Levine
2019-06-04 09:52 Steven Levine Status new => assigned
2019-06-04 09:53 Steven Levine Note Added: 0003291
2019-06-04 10:35 Steven Levine File Added: pipe.c.diff
2019-06-04 10:35 Steven Levine Note Added: 0003293
2019-06-04 11:01 Steven Levine File Deleted: pipe.c.diff
2019-06-04 11:03 Steven Levine File Added: pipe.c.diff
2019-06-04 11:03 Steven Levine Note Added: 0003294
2019-06-04 19:03 psmedley Note Added: 0003295
2019-06-04 19:03 psmedley Status assigned => feedback
2019-06-05 11:01 Steven Levine Note Edited: 0003294
2019-06-05 11:01 Steven Levine Note Edited: 0003294
2019-06-05 11:29 Steven Levine Note Added: 0003297
2019-06-05 11:31 Steven Levine Note Added: 0003298
2020-01-04 06:44 LewisR Note Added: 0003379
2020-09-23 05:06 Steven Levine Note Added: 0003544
2020-09-23 05:22 LewisR Note Added: 0003545
2020-09-23 05:49 Steven Levine Status feedback => resolved
2020-09-23 05:49 Steven Levine Resolution open => fixed
2020-09-23 05:49 Steven Levine Fixed in Version => 1.7.x
2020-09-23 05:49 Steven Levine Note Added: 0003546
2021-04-09 19:22 psmedley Status resolved => closed