httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <>
Subject Re: [Fwd: Re: apr_brigade_create() produces a corrupt brigade]
Date Sun, 29 Oct 2006 14:33:11 GMT

On 10/29/2006 01:59 PM, Graham Leggett wrote:
> Ruediger Pluem wrote:
>>> This runs fine - a brigade is created, containing a single bucket.
>>> The trouble is, the bucket inside the brigade is corrupt - it's name
>>> consists of random bytes, and the pointers to its methods are either
>> Maybe stupid thought, but isn't this bucket the sentinel and doesn't
>> APR_BRIGADE_EMPTY return true on this brigade?
> There definitely was one bucket in the new empty brigade, and it makes
> sense that this bucket was the sentinel. What didn't make sense though
> was that most of the fields in this bucket were uninitialised, so the
> jump table for code that implements the various bucket methods consisted
> of bogus addresses.

Just two curious questions:

1. Did APR_BRIGADE_EMPTY return true on this newly created brigade?
2. Shouldn't the code take care never to process the sentinel because of the
   problems you pointed out above (invalid data, especially in the jump table)?



View raw message