You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by sc...@apache.org on 2013/08/28 16:52:00 UTC
svn commit: r1518225 - /tomcat/native/branches/1.1.x/native/src/network.c
Author: schultz
Date: Wed Aug 28 14:52:00 2013
New Revision: 1518225
URL: http://svn.apache.org/r1518225
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51813
Add NULL-checking for s->net to avoid SIGSEGV in situations where it appears a socket has been recycled.
Modified:
tomcat/native/branches/1.1.x/native/src/network.c
Modified: tomcat/native/branches/1.1.x/native/src/network.c
URL: http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/network.c?rev=1518225&r1=1518224&r2=1518225&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/network.c (original)
+++ tomcat/native/branches/1.1.x/native/src/network.c Wed Aug 28 14:52:00 2013
@@ -439,6 +439,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, send)(T
return -(jint)APR_ENOTSOCK;
}
TCN_ASSERT(s->opaque != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
#ifdef TCN_DO_STATISTICS
sp_max_send = TCN_MAX(sp_max_send, nbytes);
sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -515,6 +519,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendb)(
}
TCN_ASSERT(s->opaque != NULL);
TCN_ASSERT(buf != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
#ifdef TCN_DO_STATISTICS
sp_max_send = TCN_MAX(sp_max_send, nbytes);
sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -555,6 +563,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendib)
}
TCN_ASSERT(s->opaque != NULL);
TCN_ASSERT(buf != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
#ifdef TCN_DO_STATISTICS
sp_max_send = TCN_MAX(sp_max_send, nbytes);
sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -589,6 +601,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendbb)
}
TCN_ASSERT(s->opaque != NULL);
TCN_ASSERT(s->jsbbuff != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
#ifdef TCN_DO_STATISTICS
sp_max_send = TCN_MAX(sp_max_send, nbytes);
sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -625,6 +641,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendibb
}
TCN_ASSERT(s->opaque != NULL);
TCN_ASSERT(s->jsbbuff != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
#ifdef TCN_DO_STATISTICS
sp_max_send = TCN_MAX(sp_max_send, nbytes);
sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -656,6 +676,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendv)(
UNREFERENCED(o);
TCN_ASSERT(sock != 0);
TCN_ASSERT(s->opaque != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
nvec = (*e)->GetArrayLength(e, bufs);
if (nvec >= APR_MAX_IOVEC_SIZE)
@@ -726,6 +750,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recv)(T
UNREFERENCED(o);
TCN_ASSERT(sock != 0);
TCN_ASSERT(s->opaque != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
if (toread <= TCN_BUFFER_SZ) {
char sb[TCN_BUFFER_SZ];
@@ -783,6 +811,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvt)(
TCN_ASSERT(sock != 0);
TCN_ASSERT(s->opaque != NULL);
TCN_ASSERT(buf != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
if ((ss = (*s->net->timeout_get)(s->opaque, &pt)) != APR_SUCCESS) {
TCN_ERROR_WRAP(ss);
@@ -855,6 +887,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvb)(
}
TCN_ASSERT(s->opaque != NULL);
TCN_ASSERT(buf != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
bytes = (char *)(*e)->GetDirectBufferAddress(e, buf);
TCN_ASSERT(bytes != NULL);
@@ -903,6 +939,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvbb)
TCN_ASSERT(sock != 0);
TCN_ASSERT(s->opaque != NULL);
TCN_ASSERT(s->jrbbuff != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
ss = (*s->net->recv)(s->opaque, s->jrbbuff + offset, &nbytes);
#ifdef TCN_DO_STATISTICS
@@ -954,6 +994,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvbt)
}
TCN_ASSERT(buf != NULL);
TCN_ASSERT(s->opaque != NULL);
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
bytes = (char *)(*e)->GetDirectBufferAddress(e, buf);
TCN_ASSERT(bytes != NULL);
@@ -1023,7 +1067,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvbbt
}
TCN_ASSERT(s->jrbbuff != NULL);
TCN_ASSERT(s->opaque != NULL);
-
+ if(!s->net) {
+ tcn_ThrowAPRException(e, APR_EINVALSOCK);
+ return -(jint)APR_EINVALSOCK;
+ }
if ((ss = (*s->net->timeout_get)(s->opaque, &pt)) != APR_SUCCESS) {
TCN_ERROR_WRAP(ss);
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: svn commit: r1518225 - /tomcat/native/branches/1.1.x/native/src/network.c
Posted by Christopher Schultz <ch...@christopherschultz.net>.
Rainer,
On 8/29/13 1:23 PM, Rainer Jung wrote:
> On 28.08.2013 16:52, schultz@apache.org wrote:
>> Author: schultz
>> Date: Wed Aug 28 14:52:00 2013
>> New Revision: 1518225
>>
>> URL: http://svn.apache.org/r1518225
>> Log:
>> Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51813
>>
>> Add NULL-checking for s->net to avoid SIGSEGV in situations where it appears a socket has been recycled.
>>
>> Modified:
>> tomcat/native/branches/1.1.x/native/src/network.c
>
> If it is straightforward you might also want to apply to tcnative trunk
> to reduce code drift. I know tcnative trunk is not in good shape but still.
I'm happy to see if the patch will merge (somewhat) cleanly.
In either case, the patch was fairly simple if I had to re-do the whole
thing from scratch... it's just NULL checking :)
-chris
Re: svn commit: r1518225 - /tomcat/native/branches/1.1.x/native/src/network.c
Posted by Rainer Jung <ra...@kippdata.de>.
On 28.08.2013 16:52, schultz@apache.org wrote:
> Author: schultz
> Date: Wed Aug 28 14:52:00 2013
> New Revision: 1518225
>
> URL: http://svn.apache.org/r1518225
> Log:
> Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51813
>
> Add NULL-checking for s->net to avoid SIGSEGV in situations where it appears a socket has been recycled.
>
> Modified:
> tomcat/native/branches/1.1.x/native/src/network.c
If it is straightforward you might also want to apply to tcnative trunk
to reduce code drift. I know tcnative trunk is not in good shape but still.
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org