apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Neil Conway <...@cs.berkeley.edu>
Subject Re: [PATCH] bug in pollset_wakeup() + nocopy
Date Mon, 29 Mar 2010 17:19:41 GMT
Ping? This patch addresses a crash that exists in both 1.4.x and
trunk, and is quite straightforward.

Neil

On Thu, Feb 4, 2010 at 8:14 PM, Neil Conway <nrc@cs.berkeley.edu> wrote:
> Any feedback on this patch? The bug it addresses exists in both 1.4.x and trunk.
>
> Neil
>
> On Sat, Jan 16, 2010 at 5:30 PM, Neil Conway <nrc@cs.berkeley.edu> wrote:
>> Attached is a refreshed version of this patch that applies against
>> current APR trunk (after the recent pollcb_wakeup() changes). The
>> patch is now pretty trivial.
>>
>> Note that if you want to backport this bug fix to the 1.4 branch, the
>> previous version of the patch should be used. But perhaps the easiest
>> route is to first backport the pollcb_wakeup() change, and then apply
>> this version of the patch.
>>
>> Neil
>>
>> On Wed, Jan 6, 2010 at 9:06 PM, Neil Conway <nrc@cs.berkeley.edu> wrote:
>>> Attached is a slightly revised version of this patch. Changes:
>>>
>>> * Initialize the apr_pool_t field of the apr_pollfd_t we use for the
>>> wakeup pipe. Not clear what this field is actually used for (candidate
>>> for removal in APR2?), but we may as well be tidy.
>>>
>>> * Fix a minor bug in one of the versions of close_wakeup_pipe():
>>> initialize both "rv0" and "rv1", to avoid potentially reading an
>>> uninitialized value.
>>>
>>> Neil
>>>
>>> On Wed, Jan 6, 2010 at 5:47 PM, Neil Conway <nrc@cs.berkeley.edu> wrote:
>>>> apr_pollset_wakeup() is buggy when used with APR_POLLSET_NOCOPY,
>>>> because create_wakeup_pipe() passes a stack-allocated apr_pollfd_t to
>>>> apr_pollset_add(). This is unsafe if the user specified
>>>> APR_POLLSET_NOCOPY when creating the pollset.
>>>>
>>>> The attached patch fixes this by adding an apr_pollfd_t for the wakeup
>>>> pipe to apr_pollset_t, so that it has a sufficiently-long-lived
>>>> lifetime.
>>>>
>>>> Neil
>>>>
>>>
>>
>

Mime
View raw message