> On Nov. 18, 2014, 1:19 p.m., rmudgett wrote:
> > What you have found shows that the problem is in v12+ and not v1.8+

I had thought that the call to __ast_string_field_ptr_grow was a problem in 1.8/11 based on thinking that 'AST_STRING_FIELD_ALLOCATION(*ptr) += grow;' would modify the __p__, but if that's not the case then the only issue I could find is with ast_string_fields_copy, which is only in v12+.

- Corey

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4186/#review13803
-----------------------------------------------------------

On Nov. 18, 2014, 9:25 a.m., Corey Farrell wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/4186/
> -----------------------------------------------------------
>
> (Updated Nov. 18, 2014, 9:25 a.m.)
>
>
> Review request for Asterisk Developers and rmudgett.
>
>
> Bugs: ASTERISK-24535
>     https://issues.asterisk.org/jira/browse/ASTERISK-24535
>
>
> Repository: Asterisk
>
>
> Description
> -------
>
> This addresses a regression in the previous fix that applies to all versions.
> When __ast_string_field_ptr_grow is called by
> ast_string_field_ptr_set_by_fields, it needs to be passed &target, not __p__.
> In the current code if __ast_string_field_ptr_grow actually does anything,
> it will cause *__p__ != target. Unfortunately in this case *__p__ points to
> the new address, target to the old. This may cause too much data to be
> written to the old space for the string, and this could cause memory
> corruption. This was the first thing I noticed when attempting to
> troubleshoot res/parking/dynamic_parking_variables unit test failure, but did
> not fix the test.
>
> Also needed to get the unit test working again is a fix for
> ast_string_fields_copy in 12+. The existing code relies on the fact that
> __ast_string_field_release_active never previously zeroed pool->used, so
> keeping the existing pointer was ok. Setting each field to
> __ast_string_field_empty after releasing the memory seems to resolve the
> issue.
>
>
> Diffs
> -----
>
>   /branches/12/include/asterisk/stringfields.h 427735
>
> Diff: https://reviewboard.asterisk.org/r/4186/diff/
>
>
> Testing
> -------
>
> Full testsuite against 12. I had 17 failures, but that is normal on my
> system. I re-ran the 17 tests without this patch, they still failed.
>
>
> Thanks,
>
> Corey Farrell
>
>
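The ast_string_fields_copy issue from the review description, as an added example that is not Asterisk code and not part of the original thread: a simplified pool model showing why a field pointer kept after release becomes dangerous once release rewinds `used`, and why resetting each field to an empty sentinel avoids it. All names (`pool`, `field_set`, `field_release`, `fields_copy`, `EMPTY`) are hypothetical; `EMPTY` stands in for `__ast_string_field_empty`.

```c
#include <stdio.h>
#include <string.h>
/* Toy model, hypothetical names: the byte before each field is its capacity. */
#define POOL_SIZE 64
static char EMPTY[] = "";                      /* sentinel: no allocation */
struct pool { size_t used, active; char base[POOL_SIZE]; };
static size_t cap_of(const char *f) { return f == EMPTY ? 0 : (size_t)f[-1]; }

static char *pool_alloc(struct pool *p, size_t need) {
    if (need > 127 || p->used + 1 + need > POOL_SIZE) return NULL;
    char *f = p->base + p->used + 1;
    f[-1] = (char)need;
    p->used += 1 + need; p->active += need;
    return f;
}
/* Release: once nothing is active, the pool is rewound for reuse. */
static void field_release(struct pool *p, const char *f) {
    p->active -= cap_of(f);
    if (p->active == 0) p->used = 0;
}
/* Set: reuse the field's current allocation when it is large enough. */
static int field_set(struct pool *p, char **f, const char *val) {
    size_t need = strlen(val) + 1;
    if (need > cap_of(*f)) {
        char *n = pool_alloc(p, need);
        if (!n) return -1;
        *f = n;
    }
    memcpy(*f, val, need);
    return 0;
}
static void fields_copy(struct pool *p, char **dst, const char *const *src, int n, int reset) {
    for (int i = 0; i < n; i++) {
        field_release(p, dst[i]);
        if (reset) dst[i] = EMPTY;             /* the fix: drop the stale pointer */
    }
    for (int i = 0; i < n; i++) field_set(p, &dst[i], src[i]);
}
/* Returns 1 if both fields hold their own values after the copy. */
static int copy_is_intact(int reset) {
    struct pool p = {0};
    char *dst[2] = { EMPTY, EMPTY };
    const char *src[2] = { "alice", "extension-1001" };  /* constructed data */
    field_set(&p, &dst[0], "long-name-0"); field_set(&p, &dst[1], "x");
    fields_copy(&p, dst, src, 2, reset);
    return strcmp(dst[0], src[0]) == 0 && strcmp(dst[1], src[1]) == 0;
}
int main(void) {
    printf("stale kept: intact=%d, reset to empty: intact=%d\n", copy_is_intact(0), copy_is_intact(1));
    return 0;
}
```

With the stale pointers kept, field 0 is rewritten in place at its old address while field 1 is allocated from the rewound pool over the same bytes, so both fields end up aliasing one string.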
