https://bz.apache.org/bugzilla/show_bug.cgi?id=61228
Alex CHEN <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |UNCONFIRMED Ever confirmed|1 |0 Resolution|WORKSFORME |--- --- Comment #3 from Alex CHEN <[email protected]> --- (In reply to Yann Ylavic from comment #1) > As their name suggests, "transient" buckets can point to stack memory, where > the creator of such buckets is responsible for the scope. > > In this case, the transient bucket 'e' will be either setaside (moved to > heap memory) by subsequent filters in ap_pass_brigade(), or cleaned up with > its brigade 'b' before the end of the function. > > So it won't "leak" (hence be accessed) outside the function, AFAICT. Inside `apr_brigade_cleanup`, there is a FIX for https://bz.apache.org/bugzilla/show_bug.cgi?id=51062, https://svn.apache.org/viewvc/apr/apr/trunk/buckets/apr_brigade.c?annotate=1102687&pathrev=1102687, Could there is a chance that: when hitting the above brigade corruption, the fix breaks infinite loop but leave the brigade unclean (leak stack memory?) ? Could anybody have a check on this? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
