On 3/30/06, Paul Burba <paulb@softlanding.com> wrote:
> [[[
> Fix deadlock vulnerability in OS400 hook processing.
>
> This is a follow-up to r19004 which addressed limitations with IBM's
> implementation of APR processes. There is a flaw in r19004: A deadlock
> occurs if a hook script fills the stderr pipe and then Subversion
> attempts to write stdin via a separate pipe. This patch fixes that.
>
> Found By: Peter N. Lundblad" <peter@famlundblad.se>
>
> * subversion/libsvn_repos/hooks.c
> Include sys/poll.h, sys/types.h, unistd.h
> (run_hook_cmd): Reimplemented using poll() to avoid deadlocks when
> multiplexing with a hook process.
> ]]]
I just looked at this in passing, but it looks like:
+ /* Immediate poll to check if we can read stderr from the script. */
+ if (poll((struct pollfd *)(&pfds[0]), 1, 0) == -1)
+ {
+ return svn_error_createf(SVN_ERR_EXTERNAL_PROGRAM, NULL,
+ "Error polling stderr of hook "
+ "script '%s'", cmd);
+ }
That cast seems unnecessary. pfds is an array of struct pollfd, so
&pfds[0] should already be a struct pollfd *.
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Mar 30 21:26:21 2006