patch 2.0 patch #6

lwall at sdcrdcf.UUCP lwall at sdcrdcf.UUCP
Tue Feb 10 11:11:42 AEST 1987 

System: patch version 2.0
Patch #: 6
Priority: HIGH
Subject: New-style context diffs can cause double call to free().
From: lwall at sdcrdcf (Larry Wall)

Description:
	When either the pattern section or the replacement section of
	a hunk is omitted, patch copies the corresponding line from
	the other section.  It does this by copying the pointer, not
	by copying the line, so when the hunk is later freed, some
	lines are freed twice.  This gives heartburn to many varieties
	of the malloc package.

Fix:	From rn, say "| patch -d DIR", where DIR is your patch source
	directory.  Outside of rn, say "cd DIR; patch <thisarticle".
	If you don't have the patch program, apply the following by hand,
	or get patch.

	If patch indicates that patchlevel is the wrong version, you may need
	to apply one or more previous patches, or the patch may already
	have been applied.  See the patchlevel.h file to find out what has or
	has not been applied.  In any event, don't continue with the patch.

	If you are missing previous patches they can be obtained from me:

	Larry Wall
	{allegra,burdvax,cbosgd,hplabs,ihnp4,sdcsvax}!sdcrdcf!lwall

	If you send a mail message of the following form it will greatly speed
	processing:

	Subject: Command
	@SH mailpatch PATH patch 2.0 LIST
		   ^ note the c

	where PATH is a return path FROM ME TO YOU in bang notation, and LIST
	is the number of one or more patches you need, separated by spaces,
	commas, and/or hyphens.  Saying 35- says everything from 35 to the end.

Index: patchlevel.h
Prereq: 5
1c1
< #define PATCHLEVEL 5
---
> #define PATCHLEVEL 6
 
Index: pch.c
Prereq: 2.0.1.3
*** pch.c.old	Mon Jan  5 17:03:02 1987
*** pch.c	Mon Jan  5 17:03:26 1987
***************
*** 1,4
! /* $Header: pch.c,v 2.0.1.3 86/11/14 10:08:33 lwall Exp $
   *
   * $Log:	pch.c,v $
   * Revision 2.0.1.3  86/11/14  10:08:33  lwall

--- 1,4 -----
! /* $Header: pch.c,v 2.0.1.4 87/01/05 16:59:53 lwall Exp $
   *
   * $Log:	pch.c,v $
   * Revision 2.0.1.4  87/01/05  16:59:53  lwall
***************
*** 1,6
  /* $Header: pch.c,v 2.0.1.3 86/11/14 10:08:33 lwall Exp $
   *
   * $Log:	pch.c,v $
   * Revision 2.0.1.3  86/11/14  10:08:33  lwall
   * Fixed problem where a long pattern wouldn't grow the hunk.
   * Also restored p_input_line when backtracking so error messages are right.

--- 1,9 -----
  /* $Header: pch.c,v 2.0.1.4 87/01/05 16:59:53 lwall Exp $
   *
   * $Log:	pch.c,v $
+  * Revision 2.0.1.4  87/01/05  16:59:53  lwall
+  * New-style context diffs caused double call to free().
+  * 
   * Revision 2.0.1.3  86/11/14  10:08:33  lwall
   * Fixed problem where a long pattern wouldn't grow the hunk.
   * Also restored p_input_line when backtracking so error messages are right.
***************
*** 40,45
  static int p_indent;			/* indent to patch */
  static LINENUM p_base;			/* where to intuit this time */
  static LINENUM p_start;			/* where intuit found a patch */
  
  /* Prepare to look for the next patch in the patch file. */
  

--- 43,50 -----
  static int p_indent;			/* indent to patch */
  static LINENUM p_base;			/* where to intuit this time */
  static LINENUM p_start;			/* where intuit found a patch */
+ static LINENUM p_efake = -1;		/* end of faked up lines--don't free */
+ static LINENUM p_bfake = -1;		/* beg of faked up lines */
  
  /* Prepare to look for the next patch in the patch file. */
  
***************
*** 386,393
      Reg2 int context = 0;
  
      while (p_end >= 0) {
! 	free(p_line[p_end]);		/* Changed from postdecrement */
! 	p_end--;			/* by Keenan Ross for BSD2.9  */
      }
      assert(p_end == -1);
  

--- 391,401 -----
      Reg2 int context = 0;
  
      while (p_end >= 0) {
! 	if (p_end == p_efake)
! 	    p_end = p_bfake;		/* don't free twice */
! 	else
! 	    free(p_line[p_end]);
! 	p_end--;
      }
      assert(p_end == -1);
      p_efake = -1;
***************
*** 390,395
  	p_end--;			/* by Keenan Ross for BSD2.9  */
      }
      assert(p_end == -1);
  
      p_max = hunkmax;			/* gets reduced when --- found */
      if (diff_type == CONTEXT_DIFF || diff_type == NEW_CONTEXT_DIFF) {

--- 398,404 -----
  	p_end--;
      }
      assert(p_end == -1);
+     p_efake = -1;
  
      p_max = hunkmax;			/* gets reduced when --- found */
      if (diff_type == CONTEXT_DIFF || diff_type == NEW_CONTEXT_DIFF) {
***************
*** 637,642
  	
  	/* if there were omitted context lines, fill them in now */
  	if (fillcnt) {
  	    while (fillcnt-- > 0) {
  		while (p_char[fillsrc] != ' ')
  		    fillsrc++;

--- 646,653 -----
  	
  	/* if there were omitted context lines, fill them in now */
  	if (fillcnt) {
+ 	    p_bfake = filldst;		/* remember where not to free() */
+ 	    p_efake = filldst + fillcnt - 1;
  	    while (fillcnt-- > 0) {
  		while (p_char[fillsrc] != ' ')
  		    fillsrc++;

More information about the Comp.sources.bugs mailing list