another 2.5.1pre keywords-related coredump

Julien ÉLIE julien at trigofacile.com
Fri Oct 9 18:34:13 UTC 2009 

Hi Nix,

> There's a really suspicious comment on that line:
>
> if (hc->Value)
>   free(hc->Value); /* malloc'd within */
>
> Judging from the definition of HDR() this is seriously bad. Maybe some
> strdup()ping is in order? (One wonders why anyone would consider
> free()ing something that wasn't malloc()ed: sure, it could be a mistake,
> but *actually commenting on it on the same line*, well... ;} )

hc is really something else (the whole headers!).
I wonder whether that code worked someday in INN (even INN 2.0 uses hc
and I do not find keyword generation in INN 1.7.2).

I suggest that patch:

--- innd/art.c  (révision 8646)
+++ innd/art.c  (copie de travail)
@@ -1939,11 +1939,11 @@
     /* Patch the old keywords back in. */
     if (DO_KEYWORDS && innconf->keywords) {
       if (key_old_value) {
-       if (hc->Value)
-         free(hc->Value);              /* malloc'd within */
-       hc->Value  = key_old_value;
-       hc->Length = key_old_length;
-       key_old_value = NULL;
+        if (hc[HDR__KEYWORDS].Value)
+          free(hc[HDR__KEYWORDS].Value); /* malloc'd within */
+        hc[HDR__KEYWORDS].Value  = key_old_value;
+        hc[HDR__KEYWORDS].Length = key_old_length;
+        key_old_value = NULL;
       }
     }
   }


Does it look good to you?


Incidentally, I do not understand why we have if (DO_KEYWORDS) and
not #if DO_KEYWORDS; we have lots of useless boolean checks (if 0) for
every header of every article...  Is there a reason not to use
#if DO_KEYWORDS compilation checks?



> Thankfully the crash is not caused by some complex cross-article arena
> corruption but is reproducibly caused by the attached article (still in
> wire format, as an application/octet-stream accordingly):

As you may have found, the problem comes from the fact that your test
article contains a Keywords: header :)

With the patch above, it seems to properly work:

OVER 259
224 Overview information for 259 follows
259     Introduction to REC.HUMOR.FUNNY.RERUNS -- Monthly Posting       funny-request at netfunny.com (Funny Guy)  Fri, 9 Oct 2009 
6:35:00 PDT       <S1cb7.39x4 at netfunny.com>               7912    128     Xref: news.trigofacile.com trigofacile.test:259 
Keywords: monthly 
administrivia,humor,moderator,moderated,rhf,newsgroup,funny,rec,article,brad,archive,reruns,best,rhfr,newsgroups,different,articles,people,posts,read,inappropriate,submissions,circulates,considered,importance,moderating,moderators,particular,previously,selections,subjective,voluminous,executive,maintains,naturally,submitted,templeton,appeared,creation,directly,features,griffith,hausmann,internet,moderate,netfunny,personal,selected,software,accepts,allowed,another,current
.

-- 
Julien ÉLIE

« Inter pradendum sit saepe parumque bibendum. »

More information about the inn-workers mailing list