subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From phi...@apache.org
Subject svn commit: r1242337 - in /subversion/trunk/subversion: libsvn_subr/svn_base64.c tests/libsvn_subr/stream-test.c
Date Thu, 09 Feb 2012 14:29:37 GMT
Author: philip
Date: Thu Feb  9 14:29:37 2012
New Revision: 1242337

URL: http://svn.apache.org/viewvc?rev=1242337&view=rev
Log:
Fix a memory allocation problem in the base64 code that caused an
occasional write beyond the end of a buffer during decoding.

* subversion/libsvn_subr/svn_base64.c
  (decode_bytes): Allocate enough space.

* subversion/tests/libsvn_subr/stream-test.c
  (test_stream_base64_2): New.
  (test_funcs): Add new test.

Modified:
    subversion/trunk/subversion/libsvn_subr/svn_base64.c
    subversion/trunk/subversion/tests/libsvn_subr/stream-test.c

Modified: subversion/trunk/subversion/libsvn_subr/svn_base64.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/svn_base64.c?rev=1242337&r1=1242336&r2=1242337&view=diff
==============================================================================
--- subversion/trunk/subversion/libsvn_subr/svn_base64.c (original)
+++ subversion/trunk/subversion/libsvn_subr/svn_base64.c Thu Feb  9 14:29:37 2012
@@ -407,10 +407,16 @@ decode_bytes(svn_stringbuf_t *str, const
   signed char find;
   const char *end = data + len;
 
-  /* Resize the stringbuf to make room for the (approximate) size of
-     output, to avoid repeated resizes later.
-     The optimizations in decode_line rely on no resizes being necessary! */
-  svn_stringbuf_ensure(str, str->len + (len / 4) * 3 + 3);
+  /* Resize the stringbuf to make room for the maximum size of output,
+     to avoid repeated resizes later.  The optimizations in
+     decode_line rely on no resizes being necessary!
+
+     (*inbuflen+len) is encoded data length
+     (*inbuflen+len)/4 is the number of complete 4-bytes sets
+     (*inbuflen+len)/4*3 is the number of decoded bytes
+     (*inbuflen+len)/4*3+1 is the number of decoded bytes plus a null
+  */
+  svn_stringbuf_ensure(str, str->len + ((*inbuflen + len) / 4) * 3 + 1);
 
   while ( !*done && p < end )
     {

Modified: subversion/trunk/subversion/tests/libsvn_subr/stream-test.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/libsvn_subr/stream-test.c?rev=1242337&r1=1242336&r2=1242337&view=diff
==============================================================================
--- subversion/trunk/subversion/tests/libsvn_subr/stream-test.c (original)
+++ subversion/trunk/subversion/tests/libsvn_subr/stream-test.c Thu Feb  9 14:29:37 2012
@@ -568,6 +568,160 @@ test_stream_base64(apr_pool_t *pool)
   return SVN_NO_ERROR;
 }
 
+/* This test doesn't test much unless run under valgrind when it
+   triggers the problem reported here:
+
+   http://mail-archives.apache.org/mod_mbox/subversion-dev/201202.mbox/%3C87sjik3m8q.fsf@stat.home.lan%3E
+ */
+static svn_error_t *
+test_stream_base64_2(apr_pool_t *pool)
+{
+  const struct data_t {
+    const char *encoded1;
+    const char *encoded2;
+  } data[] = {
+    {
+      "MTI",
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "A23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "B23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "C23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "D23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "E23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "F23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "G23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "H23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "I23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D123456789E"
+      "623456789A123456789B123456789C123456789D123456789E"
+      "723456789A123456789B123456789C123456789D123456789E"
+      "823456789A123456789B123456789C123456789D123456789E"
+      "923456789A123456789B123456789C123456789D123456789E"
+      "J23456789A123456789B123456789C123456789D123456789E"
+      "123456789A123456789B123456789C123456789D123456789E"
+      "223456789A123456789B123456789C123456789D123456789E"
+      "323456789A123456789B123456789C123456789D123456789E"
+      "423456789A123456789B123456789C123456789D123456789E"
+      "523456789A123456789B123456789C123456789D12345"
+    },
+    {
+      NULL,
+      NULL,
+    },
+  };
+  int i;
+
+  for (i = 0; data[i].encoded1; i++)
+    {
+      apr_size_t len1 = strlen(data[i].encoded1);
+
+      svn_stringbuf_t *actual = svn_stringbuf_create_empty(pool);
+      svn_stringbuf_t *expected = svn_stringbuf_create_empty(pool);
+      svn_stream_t *stream = svn_stream_from_stringbuf(actual, pool);
+
+      stream = svn_base64_encode(stream, pool);
+      stream = svn_base64_decode(stream, pool);
+
+      SVN_ERR(svn_stream_write(stream, data[i].encoded1, &len1));
+      svn_stringbuf_appendbytes(expected, data[i].encoded1, len1);
+
+      if (data[i].encoded2)
+        {
+          apr_size_t len2 = strlen(data[i].encoded2);
+          SVN_ERR(svn_stream_write(stream, data[i].encoded2, &len2));
+          svn_stringbuf_appendbytes(expected, data[i].encoded2, len2);
+        }
+
+      SVN_ERR(svn_stream_close(stream));
+    }
+
+  return SVN_NO_ERROR;
+}
+
 /* The test table.  */
 
 struct svn_test_descriptor_t test_funcs[] =
@@ -591,5 +745,7 @@ struct svn_test_descriptor_t test_funcs[
                    "test compressed streams with empty files"),
     SVN_TEST_PASS2(test_stream_base64,
                    "test base64 encoding/decoding streams"),
+    SVN_TEST_PASS2(test_stream_base64_2,
+                   "base64 decoding allocation problem"),
     SVN_TEST_NULL
   };



Mime
View raw message