apr-dev mailing list archives

From "Hyrum K. Wright" <hyrum_wri...@mail.utexas.edu>
Subject Re: Crash in apr_psprintf(), 1.4.x branch
Date Wed, 10 Mar 2010 22:45:54 GMT

On Mar 10, 2010, at 11:26 AM, Hyrum K. Wright wrote:

> In trying to get Subversion acquainted with the 1.4.x branch, I
> encountered a crash within an invocation of apr_psprintf().  The
> attached patch adds a test case demonstrating the crash.  The patch is
> against 1.4.x, but applies to trunk as well, where the bug is also
> present.
> 
> The test case is essentially a replication of one of the calls to
> apr_psprintf() that happens deep within Subversion, and which
> functions just fine when working against 1.3.x.  In digging a little
> deeper, it appears that the var arg pointer isn't being advanced
> properly at some point in apr_vformatter(), but I'm hoping that
> someone more familiar with the code will be able to figure out what's
> really going on.

Digging deeper, it appears to be an error in apr_vformatter() when parsing the format '%lld'.
I'm running the tests on Mac OS X where APR_OFF_FMT_T is defined as lld, so this format occurs
frequently.  Consequently, I'm also seeing a failure in testfmt at line 63, where the parser
is attempting to parse APR_OFF_FMT_T, but failing.  Can anybody else replicate this bug?

I'm a little new here, but would consider something like this probably a blocker for 1.4.x.
This may already have been discussed, but I haven't seen it, at least in the past couple
of months.

-Hyrum
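
An added illustration, not APR's code and not part of the message above: a minimal printf-style formatter showing how the length modifier in '%lld' selects the type that va_arg() consumes, so that the arguments after it are read from the right place. The names mini_vformat, mini_format and check_lld_then_string are hypothetical, and the format string and values are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical mini-formatter, not APR code: handles %d, %ld, %lld, %s.
 * The length modifier selects the type, and so the width, va_arg consumes. */
static int mini_vformat(char *out, size_t cap, const char *fmt, va_list ap)
{
    size_t n = 0;
    if (cap == 0) return 0;
    for (; *fmt && n + 1 < cap; fmt++) {
        if (*fmt != '%') { out[n++] = *fmt; continue; }
        int longs = 0;
        for (fmt++; *fmt == 'l'; fmt++) longs++;      /* "l" or "ll" */
        if (*fmt == '\0') break;                      /* dangling '%' */
        if (*fmt == 'd') {
            long long v;
            if (longs >= 2)      v = va_arg(ap, long long);
            else if (longs == 1) v = va_arg(ap, long);
            else                 v = va_arg(ap, int);
            n += (size_t)snprintf(out + n, cap - n, "%lld", v);
        } else if (*fmt == 's') {
            const char *s = va_arg(ap, const char *);
            n += (size_t)snprintf(out + n, cap - n, "%s", s ? s : "(null)");
        } else {
            out[n++] = *fmt;                          /* unknown: copy through */
        }
        if (n >= cap) n = cap - 1;                    /* snprintf truncated */
    }
    out[n] = '\0';
    return (int)n;
}

static int mini_format(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = mini_vformat(out, cap, fmt, ap);
    va_end(ap);
    return n;
}

/* Constructed check: a 64-bit value followed by a pointer and an int. */
static int check_lld_then_string(void)
{
    char buf[64];
    mini_format(buf, sizeof buf, "%lld:%s:%d", 5000000000LL, "rev", 7);
    return strcmp(buf, "5000000000:rev:7") == 0;
}

int main(void) { return check_lld_then_string() ? 0 : 1; }
```

Placing a pointer argument directly after the 64-bit one is what makes the check useful: if the '%lld' branch consumed the wrong width, the '%s' conversion would read a misaligned slot rather than the string.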