Subject: | db_stat SEGV |
Date: | Sat, 23 May 2009 11:49:47 +0400 |
To: | bug-BerkeleyDB [...] rt.cpan.org |
From: | Alexey Tourbin <at [...] altlinux.ru> |
Hello,
When underlying db_stat call returns non-zero status,
BerkeleyDB segfaults.
/* Excerpt of the generated C glue for BerkeleyDB::Hash::db_stat. The leading
 * numbers are line numbers in BerkeleyDB.c and "..." marks lines the reporter
 * left out, so the notes below cover only what is visible here. */
4232 XS(XS_BerkeleyDB__Hash_db_stat)
4233 {
4234 #ifdef dVAR
4235 dVAR; dXSARGS;
4236 #else
4237 dXSARGS;
4238 #endif
4239 if (items < 1 || items > 2) /* one or two arguments: db, optional flags */
4240 Perl_croak(aTHX_ "Usage: %s(%s)", "BerkeleyDB::Hash::db_stat", "db, flags=0");
4241 PERL_UNUSED_VAR(cv); /* -W */
4242 {
4243 int flags;
4244 BerkeleyDB__Common db;
4245 HV * RETVAL = NULL ; /* in the lines shown, assigned again only when db->Status == 0 */
...
4282 if (db->Status == 0) { /* success path: build the result hash */
4283 RETVAL = (HV*)sv_2mortal((SV*)newHV()) ;
4284 hv_store_iv(RETVAL, "hash_magic", stat->hash_magic) ;
4285 hv_store_iv(RETVAL, "hash_version", stat->hash_version);
4286 hv_store_iv(RETVAL, "hash_pagesize", stat->hash_pagesize);
...
4309 safefree(stat) ; /* freed inside the success branch; no other free is visible in this excerpt */
4310 }
4311 #endif
4312 }
4313 #line 4314 "BerkeleyDB.c"
/* Output step: it sits outside the Status check, so when db->Status is
 * non-zero RETVAL is still NULL here. The report identifies this newRV(NULL)
 * call as the cause of the segfault. */
4314 ST(0) = newRV((SV*)RETVAL);
4315 sv_2mortal(ST(0));
4316 }
4317 XSRETURN(1);
4318 }
The segfault is caused by NULL being passed to newRV. A possible fix
follows. Note that the recno and queue db_stat functions should be fixed,
too.
--- BerkeleyDB.xs- 2009-04-05 07:49:47 +0000
+++ BerkeleyDB.xs 2009-05-23 07:46:53 +0000
@@ -3049,7 +3049,9 @@ db_stat(db, flags=0)
db->Status = ((db->dbp)->stat)(db->dbp, &stat, safemalloc, flags) ;
#endif
#endif
- if (db->Status == 0) {
+ if (db->Status)
+ XSRETURN_UNDEF;
+ else {
RETVAL = (HV*)sv_2mortal((SV*)newHV()) ;
hv_store_iv(RETVAL, "hash_magic", stat->hash_magic) ;
hv_store_iv(RETVAL, "hash_version", stat->hash_version);
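Review bot: The failure branch added at `if (db->Status) XSRETURN_UNDEF;` has no comment saying that it must return before the generated `ST(0) = newRV((SV*)RETVAL);`, where RETVAL would still be NULL, so a later tidy-up could fold it back into a single exit and reintroduce the crash. I would brace it to match the `else` and state the reason: `if (db->Status) { /* RETVAL is NULL here; skip the generated newRV() */ XSRETURN_UNDEF; }`. Callers now receive undef instead of a hash reference when the stat call fails, so the module documentation should say that and tell them to check the result before dereferencing it. The db_stat body starts before and continues past this hunk, so whether `stat` needs freeing on the failure path cannot be judged from these lines.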