On 03.01.2016 18:50, Hanno Böck wrote:
> On Sun, 3 Jan 2016 18:12:47 +0100
> Branko Čibej <brane_at_apache.org> wrote:
>
>> GCC (or any other compiler) may do a lot of things, but it's not
>> allowed to change the way APR pool allocation works. We're not using
>> malloc(); we're using apr_palloc() & co.
>
> Okay, I think we have a misunderstanding here.
>
> The error I encountered is not by code allocated by apr_palloc. It
> actually comes from this line in notify.c:
> SVN_ERR(svn_dirent_get_absolute(&nb->path_prefix, "", pool));
>
> The memory that is read out of bounds is the "" string literal.
Yep, you are right.
Turns out that the whole code path was (almost) a duplication
of a function that does not have this problem. Fixed in r1722860.
A related problem was then found by our SOLARIS build bot and
got fixed in r1722879 and r1722887.
Thanks for the detailed report!
-- Stefan^2.
Received on 2016-01-04 16:17:11 CET