dovecot-2.0: ostream-file: Fixed potential crash in write_at() a...
dovecot at dovecot.org
dovecot at dovecot.org
Mon Oct 18 18:51:48 EEST 2010
details: http://hg.dovecot.org/dovecot-2.0/rev/17957b5082cd
changeset: 12301:17957b5082cd
user: Timo Sirainen <tss at iki.fi>
date: Mon Oct 18 16:51:12 2010 +0100
description:
ostream-file: Fixed potential crash in write_at() and also fixed attempted optimization.
diffstat:
src/lib/Makefile.am | 1 +
src/lib/ostream-file.c | 12 +++--
src/lib/test-lib.c | 1 +
src/lib/test-lib.h | 1 +
src/lib/test-ostream-file.c | 69 ++++++++++++++++++++++++++++++++++
5 files changed, 79 insertions(+), 5 deletions(-)
diffs (142 lines):
diff -r 0dae63c1af96 -r 17957b5082cd src/lib/Makefile.am
--- a/src/lib/Makefile.am Mon Oct 18 16:14:08 2010 +0100
+++ b/src/lib/Makefile.am Mon Oct 18 16:51:12 2010 +0100
@@ -237,6 +237,7 @@
test-llist.c \
test-mempool-alloconly.c \
test-network.c \
+ test-ostream-file.c \
test-primes.c \
test-priorityq.c \
test-seq-range-array.c \
diff -r 0dae63c1af96 -r 17957b5082cd src/lib/ostream-file.c
--- a/src/lib/ostream-file.c Mon Oct 18 16:14:08 2010 +0100
+++ b/src/lib/ostream-file.c Mon Oct 18 16:51:12 2010 +0100
@@ -621,7 +621,8 @@
/* update buffer if the write overlaps it */
used = file_buffer_get_used_size(fstream);
- if (fstream->buffer_offset < offset + size &&
+ if (used > 0 &&
+ fstream->buffer_offset < offset + size &&
fstream->buffer_offset + used > offset) {
if (fstream->buffer_offset <= offset) {
/* updating from the beginning */
@@ -641,9 +642,11 @@
of it in one pwrite(). */
} else {
/* write only the suffix */
- data = CONST_PTR_OFFSET(data, skip);
- size -= skip;
- offset += skip;
+ unsigned int update_count = size - left;
+
+ data = CONST_PTR_OFFSET(data, update_count);
+ size -= update_count;
+ offset += update_count;
}
} else if (skip == 0) {
/* everything done */
@@ -651,7 +654,6 @@
} else {
/* still have to write prefix */
size = skip;
-
}
}
diff -r 0dae63c1af96 -r 17957b5082cd src/lib/test-lib.c
--- a/src/lib/test-lib.c Mon Oct 18 16:14:08 2010 +0100
+++ b/src/lib/test-lib.c Mon Oct 18 16:51:12 2010 +0100
@@ -19,6 +19,7 @@
test_llist,
test_mempool_alloconly,
test_network,
+ test_ostream_file,
test_primes,
test_priorityq,
test_seq_range_array,
diff -r 0dae63c1af96 -r 17957b5082cd src/lib/test-lib.h
--- a/src/lib/test-lib.h Mon Oct 18 16:14:08 2010 +0100
+++ b/src/lib/test-lib.h Mon Oct 18 16:51:12 2010 +0100
@@ -18,6 +18,7 @@
void test_llist(void);
void test_mempool_alloconly(void);
void test_network(void);
+void test_ostream_file(void);
void test_primes(void);
void test_priorityq(void);
void test_seq_range_array(void);
diff -r 0dae63c1af96 -r 17957b5082cd src/lib/test-ostream-file.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/lib/test-ostream-file.c Mon Oct 18 16:51:12 2010 +0100
@@ -0,0 +1,69 @@
+/* Copyright (c) 2009-2010 Dovecot authors, see the included COPYING file */
+
+#include "test-lib.h"
+#include "str.h"
+#include "safe-mkstemp.h"
+#include "randgen.h"
+#include "ostream.h"
+
+#include <stdlib.h>
+#include <unistd.h>
+
+#define MAX_BUFSIZE 256
+
+static void test_ostream_file_random(void)
+{
+ struct ostream *output;
+ string_t *path = t_str_new(128);
+ char buf[MAX_BUFSIZE*4], buf2[MAX_BUFSIZE*4], randbuf[MAX_BUFSIZE];
+ unsigned int i, offset, size;
+ ssize_t ret;
+ int fd;
+
+ memset(buf, 0, sizeof(buf));
+ fd = safe_mkstemp(path, 0600, (uid_t)-1, (gid_t)-1);
+ if (fd == -1)
+ i_fatal("safe_mkstemp(%s) failed: %m", str_c(path));
+ if (unlink(str_c(path)) < 0)
+ i_fatal("unlink(%s) failed: %m", str_c(path));
+ output = o_stream_create_fd(fd, MAX_BUFSIZE, FALSE);
+ o_stream_cork(output);
+
+ size = (rand() % MAX_BUFSIZE) + 1;
+ random_fill_weak(randbuf, size);
+ memcpy(buf, randbuf, size);
+ o_stream_send(output, buf, size);
+
+ for (i = 0; i < 10; i++) {
+ offset = rand() % (MAX_BUFSIZE*3);
+ size = (rand() % MAX_BUFSIZE) + 1;
+ random_fill_weak(randbuf, size);
+ memcpy(buf + offset, randbuf, size);
+ o_stream_pwrite(output, randbuf, size, offset);
+ if (rand() % 10 == 0)
+ o_stream_flush(output);
+ }
+
+ o_stream_flush(output);
+ o_stream_uncork(output);
+ ret = pread(fd, buf2, sizeof(buf2), 0);
+ if (ret < 0)
+ i_fatal("pread() failed: %m");
+ else {
+ i_assert(ret > 0);
+ test_assert(memcmp(buf, buf2, ret) == 0);
+ }
+ o_stream_unref(&output);
+ (void)close(fd);
+}
+
+void test_ostream_file(void)
+{
+ unsigned int i;
+
+ test_begin("ostream pwrite random");
+ for (i = 0; i < 100; i++) T_BEGIN {
+ test_ostream_file_random();
+ } T_END;
+ test_end();
+}
More information about the dovecot-cvs
mailing list