Your message dated Thu, 22 Mar 2018 03:30:24 +0000
with message-id <[email protected]>
and subject line Bug#893688: fixed in serf 1.3.9-6
has caused the Debian Bug report #893688,
regarding libserf-1-1: bzr-svn segfaults in serf_bucket_aggregate_append
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
893688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893688
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libserf-1-1
Version: 1.3.9-5
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu bionic ubuntu-patch

bzr-svn segfaults due to a list management bug in
serf_bucket_aggregate_append.  This is unfortunately hard to observe
because bzr-svn isn't in Debian any more and various things around it
have bitrotted a bit, but we still rely on it for Subversion imports in
Launchpad, and it is possible to set up a reproduction environment in
unstable with a bit of hacking.

First, install bzr from unstable.

Next, grab commit 01cfebd2e32b940ddfa55373640907b39da8413f of subvertpy
(https://github.com/jelmer/subvertpy), which makes a bit of API that
bzr-svn needs available with modern versions of Subversion, and build it
("sudo apt build-dep python-subvertpy && make").

Next, grab bzr-svn ("bzr branch lp:bzr-svn").  It's a bit broken with
modern versions of libsvn; I had to apply the following hacky patch,
which is almost certainly not quite right in some way (which is why I
haven't submitted it yet), but it'll do for the purposes of this bug:

=== modified file 'logwalker.py'
--- logwalker.py        2012-03-08 17:52:35 +0000
+++ logwalker.py        2018-03-21 08:25:52 +0000
@@ -206,7 +206,8 @@ class CachingLogWalkerUpdater(object):
         self.count += 1
         self.pb.update('fetching svn revision info', self.count, self.total)
         self.logwalker.cache.insert_paths(revision, orig_paths,
-            revprops, self.all_revprops)
+            {key.encode("UTF-8"): value for key, value in revprops.items()},
+            self.all_revprops)
         self.logwalker.saved_maxrevnum = max(revision,
             self.logwalker.saved_maxrevnum)
         if self.logwalker.saved_minrevnum is None:
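
Review bot: the dict comprehension passed to insert_paths encodes only the keys of revprops and calls key.encode("UTF-8") unconditionally, with no comment saying why the keys must be byte strings while the values pass through unchanged. If a key can already arrive as a byte string, guard the call with an isinstance check, and add a one-line comment naming the API change this works around.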

=== modified file 'transport.py'
--- transport.py        2012-03-08 17:52:35 +0000
+++ transport.py        2018-03-21 08:21:59 +0000
@@ -440,7 +440,7 @@ class SvnRaTransport(Transport):
         if self._uuid is None:
             conn = self.get_any_connection()
             try:
-                return conn.get_uuid()
+                return conn.get_uuid().encode("UTF-8")
             finally:
                 self.add_connection(conn)
         return self._uuid
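
Review bot: the first return path now yields conn.get_uuid().encode("UTF-8"), while the fall-through "return self._uuid" yields whatever was stored earlier, so the two paths agree on type only if self._uuid is stored encoded too. The fetched value is also never assigned to self._uuid in this branch; consider assigning the encoded result before returning, as the _repos_root hunk does, so both paths return the same thing.
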
@@ -456,7 +456,7 @@ class SvnRaTransport(Transport):
         if self._repos_root is None:
             conn = self.get_any_connection()
             try:
-                self._repos_root = conn.get_repos_root()
+                self._repos_root = conn.get_repos_root().encode("UTF-8")
             finally:
                 self.add_connection(conn)
         return self._repos_root
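
Review bot: .encode("UTF-8") on conn.get_repos_root() is the second copy of the same conversion in this file, and it raises if the call ever returns None or a non-text value. Move the conversion into one small helper shared with the get_uuid site, with a comment stating which string type callers expect.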

Make ~/.bazaar/plugins/svn be a symlink to the bzr-svn branch.

Now try this branch operation, with PYTHONPATH adjusted to point to
wherever you cloned subvertpy:

  PYTHONPATH=/path/to/subvertpy bzr branch https://svn.code.sf.net/p/truckliststudio/svn/trunk truckliststudio

The fix is rather easier than describing the setup, since it was fixed
upstream some time ago:

  https://svn.apache.org/viewvc?view=revision&revision=1712790

diff -Nru serf-1.3.9/debian/changelog serf-1.3.9/debian/changelog
--- serf-1.3.9/debian/changelog 2018-02-05 23:28:07.000000000 +0000
+++ serf-1.3.9/debian/changelog 2018-03-20 12:41:54.000000000 +0000
@@ -1,3 +1,10 @@
+serf (1.3.9-5) UNRELEASED; urgency=medium
+
+  * Backport r1712790 from upstream to fix a segfault in
+    serf_bucket_aggregate_prepend when prepending a bucket to an empty list.
+
+ -- Colin Watson <[email protected]>  Tue, 20 Mar 2018 12:41:52 +0000
+
 serf (1.3.9-4) unstable; urgency=medium
 
   * Mark serf_debug_closed_conn as a public symbol, since svn has been using
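
Review bot: the new entry is versioned 1.3.9-5, which is the same version the report header lists as affected; if 1.3.9-5 is already in the archive this needs the next revision. The entry also names serf_bucket_aggregate_prepend while the report title names serf_bucket_aggregate_append, so a line saying how the two relate would help readers match the crash to the fix, and a Closes: tag should be added once the bug number is known.
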
diff -Nru 
serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list 
serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list
--- serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list 
1970-01-01 01:00:00.000000000 +0100
+++ serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list 
2017-05-16 14:32:26.000000000 +0100
@@ -0,0 +1,34 @@
+Description: Make serf_bucket_aggregate_prepend() behave properly when 
prepending a bucket to an empty list
+Origin: upstream, https://svn.apache.org/viewvc?view=revision&revision=1712790
+
+Index: b/buckets/aggregate_buckets.c
+===================================================================
+--- a/buckets/aggregate_buckets.c
++++ b/buckets/aggregate_buckets.c
+@@ -149,6 +149,8 @@
+     new_list->bucket = prepend_bucket;
+     new_list->next = ctx->list;
+ 
++    if (ctx->list == NULL)
++        ctx->last = new_list;
+     ctx->list = new_list;
+ }
+ 
+@@ -278,6 +280,8 @@
+ 
+             /* If we have no more in our list, return EOF. */
+             if (!ctx->list) {
++                ctx->last = NULL;
++
+                 if (ctx->hold_open) {
+                     return ctx->hold_open(ctx->hold_open_baton, bucket);
+                 }
+@@ -390,6 +394,8 @@
+ 
+             /* If we have no more in our list, return EOF. */
+             if (!ctx->list) {
++                ctx->last = NULL;
++
+                 if (ctx->hold_open) {
+                     return ctx->hold_open(ctx->hold_open_baton, bucket);
+                 }
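
Review bot: the three nested hunks together enforce that ctx->last is NULL whenever ctx->list is NULL, but neither the Description header nor a code comment states that rule, and the reset "ctx->last = NULL;" appears verbatim at both @@ -278 and @@ -390. Since this is a backport the code should stay as upstream has it; state the invariant in the Description, and add Bug-Debian and Last-Update fields to the header once the bug number exists.
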
diff -Nru serf-1.3.9/debian/patches/series serf-1.3.9/debian/patches/series
--- serf-1.3.9/debian/patches/series    2017-11-13 02:19:32.000000000 +0000
+++ serf-1.3.9/debian/patches/series    2018-03-20 12:38:28.000000000 +0000
@@ -1,2 +1,3 @@
 libtool
 r1792234-expired-certs
+r1712790-serf_bucket_aggregate_prepend-empty-list

-- 
Colin Watson                                       [[email protected]]

--- End Message ---
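
An added illustration, not part of the original report and not serf's code: a minimal C model of the head/tail invariant that the backported r1712790 hunks restore, run once with and once without the prepend fix. The types struct node and struct agg, the "fixed" switch and the consistency guard in agg_append are assumptions made for this example.

```c
#include <stdio.h>

/* Hypothetical model of a list with head and tail pointers; not serf's code. */
struct node { struct node *next; };
struct agg  { struct node *list, *last; };

/* Invariant: `last` is the final node reachable from `list`, or both are NULL. */
static int agg_consistent(const struct agg *ctx) {
    const struct node *n = ctx->list;
    while (n != NULL && n->next != NULL)
        n = n->next;
    return n == ctx->last;
}

/* fixed == 0 models a prepend that never updates the tail pointer. */
static void agg_prepend(struct agg *ctx, struct node *n, int fixed) {
    n->next = ctx->list;
    if (fixed && ctx->list == NULL)
        ctx->last = n;
    ctx->list = n;
}

/* Append follows `last` when the list is non-empty; the guard returns -1
 * where unguarded code would dereference a NULL or stale tail. */
static int agg_append(struct agg *ctx, struct node *n) {
    if (!agg_consistent(ctx))
        return -1;
    n->next = NULL;
    if (ctx->list == NULL)
        ctx->list = n;
    else
        ctx->last->next = n;
    ctx->last = n;
    return 0;
}

/* Prepend to an empty list, then append. Returns 1 if both nodes are linked. */
static int prepend_then_append(int fixed) {
    struct node a = { NULL }, b = { NULL };
    struct agg ctx = { NULL, NULL };
    agg_prepend(&ctx, &a, fixed);
    return agg_append(&ctx, &b) == 0 && a.next == &b && ctx.last == &b;
}

int main(void) {
    printf("pre-patch: %d, patched: %d\n",
           prepend_then_append(0), prepend_then_append(1));
    return 0;
}
```
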
--- Begin Message ---
Source: serf
Source-Version: 1.3.9-6

We believe that the bug you reported is fixed in the latest version of
serf, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
James McCoy <[email protected]> (supplier of updated serf package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 21 Mar 2018 21:38:37 -0400
Source: serf
Binary: libserf-1-1 libserf-dev
Architecture: source
Version: 1.3.9-6
Distribution: unstable
Urgency: medium
Maintainer: James McCoy <[email protected]>
Changed-By: James McCoy <[email protected]>
Description:
 libserf-1-1 - high-performance asynchronous HTTP client library
 libserf-dev - high-performance asynchronous HTTP client library headers
Closes: 893688
Changes:
 serf (1.3.9-6) unstable; urgency=medium
 .
   * Backport r1712790 from upstream to fix NULL pointer dereference.
     Thanks to Colin Watson for investigation and report (Closes: #893688)


--- End Message ---
