
Couple more memory management bugs



I've just moved up to running 2.1.1beta, and am still trying to track down an
occasional segmentation fault under Electric Fence.

I believe I've found a couple of further bugs. I'm happy to file an ITS on 
them, but I'm not sure if my fix for the first is correct. As far as I can 
tell these aren't fixed in HEAD.

Problem 1
-------

Electric Fence causes a memory protection error in idl_intersection in 
back_ldbm/idl.c line 1070. It looks like the end of the 'b' IDL is being read 
past in the loop. I can make the error go away with the following patch, but 
I don't have a good enough idea of how the IDL code works to know if this is 
correct or not:

--- idl.c~      Tue May 14 21:55:57 2002
+++ idl.c       Tue May 14 22:02:58 2002
@@ -1066,7 +1066,7 @@
        idl_check(b);
 #endif
 
-       for ( ni = 0, ai = 0, bi = 0; ai < ID_BLOCK_NIDS(a); ai++ ) {
+       for ( ni = 0, ai = 0, bi = 0; ai < ID_BLOCK_NIDS(a) && bi < 
+         ID_BLOCK_NIDS(b); ai++ ) {
                if ( ID_BLOCK_ID(a, ai) < 
                     ID_BLOCK_ID(b, bi) ) {
                        continue;
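
Review bot: the added `bi < ID_BLOCK_NIDS(b)` test sits in the `for` header, so it is evaluated once per outer iteration and guards only the `ID_BLOCK_ID(b, bi)` read at the top of the body. The part of the loop that advances `bi` is below this hunk and not visible; wherever it increments `bi` within an iteration, it needs its own check against `ID_BLOCK_NIDS(b)` before indexing `b` again, otherwise the over-read can still occur there. Ending the loop once `b` is exhausted looks right for an intersection if both blocks are held in ascending ID order, as the `<` comparison followed by `continue` suggests, but a one-line comment stating that assumption would help. Separately, the `+` line has been wrapped by the mail client onto two lines, so the patch will not apply as posted; resend it as an attachment.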

Problem 2
-------

The second problem, which I'm more confident of my fix for, is in 
schema_init.c. It attempts to free a berval which is statically allocated. I 
believe the following fixes it:

--- schema_init.c~      Thu Apr 18 16:39:22 2002
+++ schema_init.c       Tue May 14 22:15:38 2002
@@ -274,7 +274,7 @@
 
        rc = dnValidate( NULL, &dn );
 
-       ber_memfree( &dn );
+       ber_memfree( dn.bv_val );
        return rc;
 }
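
Review bot: `ber_memfree( dn.bv_val )` is correct only if `dn.bv_val` is heap memory owned by this function on every path that reaches this line. The code that fills `dn` is above the hunk and not visible, so confirm that the buffer comes from the matching ber allocator and is not borrowed from the caller's input, in which case this would free memory the caller still uses. The removed call passed `&dn`, the address of the struct itself, which `dnValidate( NULL, &dn )` shows is an object rather than an allocator-returned pointer, so dropping it is right. A short comment that only the value buffer is owned here, not the `berval` struct, would keep the next reader from reintroducing the original call.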

Is anyone looking at memory management issues? I could look at setting up a 
machine here to run the test suite with efence, and report on the results, if 
that would be useful.

Cheers,

Simon.

-- 
Simon Wilkinson            <simon@sxw.org.uk>          http://www.sxw.org.uk
"The early bird does indeed get the worm. But, it's the second mouse that
gets the cheese."