Skip Menu |

This queue is for tickets about the BTRIEVE-Native CPAN distribution.

Report information
The Basics
Id: 96885
Status: resolved
Priority: 0/
Queue: BTRIEVE-Native
People
Owner: Nobody in particular
Requestors: chelpanov [...] mail.ru
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Wed Jul 02 07:50:35 2014 chelpanov [...] mail.ru - Ticket created
Subject: Crash due to invalid memory allocation
In case of intensive btrieve operations (millions) and memory usage application crashes unexpectedly. Module version 0.03, Active Perl v5.8.8 built for MSWin32-x86-multi-thread on Windows XP The perl version is old, but i think this issue not related to perl version. Fix: short Call( operation, posBlock, dataBuffer, dataLength, keyBuffer, keyNumber ) unsigned short operation char* posBlock char* dataBuffer unsigned long dataLength char* keyBuffer short keyNumber CODE: RETVAL = BTRCALL( operation, posBlock, dataBuffer, &dataLength, keyBuffer, MAX_KEY_SIZE, keyNumber ); OUTPUT: posBlock ; dataBuffer SvCUR_set((SV*)ST(2),dataLength); dataLength keyBuffer ; RETVAL
  Thu Jul 03 06:54:34 2014 sgoeldner [...] cpan.org - Correspondence added
Thanks for the report. I'm not a XS guru - can you explain your fix a little bit? Do you mean we can omit the sv_setpvn? What's the use of SvCUR_set? IMHO, it doesn't affect memory management.
  Thu Jul 03 06:54:35 2014 The RT System itself - Status changed from 'new' to 'open'
  Fri Jul 04 06:44:15 2014 chelpanov [...] mail.ru - Correspondence added
Subject: Re: [rt.cpan.org #96885] Crash due to invalid memory allocation
Date: Fri, 04 Jul 2014 14:43:40 +0400
To: "bug-BTRIEVE-Native [...] rt.cpan.org" <bug-btrieve-native [...] rt.cpan.org>
From: Ilya Chelpanov <chelpanov [...] mail.ru>

Hello,

We don't need sv_setpvn because data already in place.

We need SvCUR_set because dataLength after BTRCALL can be smaller then before, so we need set dataBuffer length (sv_setpvn do this in original version).

We don't need apply SvCUR_set to posBlock and keyBuffer because their length assumed to be fixed (in original version).

I investigated issue a little bit more, in my case memory error caused by following line of code:

keyBuffer  sv_setpvn((SV*)ST(4), keyBuffer , MAX_KEY_SIZE   );

In my case, length of scalar keyBuffer was less then MAX_KEY_SIZE and memory corruption occurs.

So, this is not exactly BTRIEVE::Native bug, but BTRIVE::Native is not safe and in pair with BTRIEVE::FileIO error occurs.

So, after all i suggest following changes to make BTRIEVE::Native more safe and more efficient:

short

Call( operation, posBlock, dataBuffer, dataLength, keyBuffer, keyNumber )

  unsigned short operation

  char*          posBlock

  char*          dataBuffer

  unsigned long  dataLength

  char*          keyBuffer

  short          keyNumber

  CODE:

  if ( SvCUR(ST(1)) != POS_BLOCK_SIZE ) {

      croak("posBlock length must be %d",POS_BLOCK_SIZE);

  }

  RETVAL = BTRCALL( operation, posBlock, dataBuffer, &dataLength, keyBuffer, SvCUR(ST(4)), keyNumber );

  OUTPUT:

  posBlock   ;

  dataBuffer SvCUR_set((SV*)ST(2),dataLength);

  dataLength

  keyBuffer  ;

  RETVAL

 




03.07.2014, 14:54, "Steffen Goeldner via RT" <bug-BTRIEVE-Native@rt.cpan.org>:

Show quoted text
 <URL: https://rt.cpan.org/Ticket/Display.html?id=96885 >

 Thanks for the report. I'm not a XS guru - can you explain
 your fix a little bit?
 Do you mean we can omit the sv_setpvn?
 What's the use of SvCUR_set? IMHO, it doesn't affect
 memory management.

--
Илья.

  Mon Jul 14 07:05:28 2014 sgoeldner [...] cpan.org - Correspondence added
Looks good, спасибо! <http://www.cpan.org/authors/id/S/SG/SGOELDNER/BTRIEVE-Native-0.04.tar.gz>
  Mon Jul 14 07:05:29 2014 sgoeldner [...] cpan.org - Status changed from 'open' to 'resolved'