Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

v1.3.16 - fix freeing freed buffer problem

v1.3.16 - bug21221 -  When reading a very large header which results in
an out of memory error a header buffer resource would be put
back onto the free list twice thus signalling an error.  This fixes
that bug.

Are there user visible changes in this commit?  no

Is bootstrapping needed?   no

Are tests included for new features?  no new features

Tests run:  t-aserve

Change-Id: Ic21d7fd537c89adc9a61a771883726446a18d31b
  • Loading branch information...
commit 4aa8a33ea8b3d18dc8e14458d87f9ce316c28d0c 1 parent a491b2b
John Foderaro authored dklayer committed
Showing with 20 additions and 6 deletions.
  1. +11 −4 main.cl
  2. +9 −2 packages.cl
View
15 main.cl
@@ -38,7 +38,7 @@
#+ignore
(check-smp-consistency)
-(defparameter *aserve-version* '(1 3 15))
+(defparameter *aserve-version* '(1 3 16))
(eval-when (eval load)
(require :sock)
@@ -1841,9 +1841,16 @@ by keyword symbols and not by strings"
; we handle the case of a blank line before the command
; since the spec says that we should (even though we don't have to)
-
- (multiple-value-setq (buffer end)
- (read-sock-line sock buffer 0 chars-seen))
+
+ (let ((nbuffer buffer))
+ ;; read-sock-line will not return if an error is
+ ;; signalled in it in which case it may have freed
+ ;; the buffer passed to it already. So we play
+ ;; it safe and ensure that buffer is nil to prevent
+ ;; the freeing in the cleanup form below.
+ (setq buffer nil)
+ (multiple-value-setq (buffer end)
+ (read-sock-line sock nbuffer 0 chars-seen)))
(if* (null end)
View
11 packages.cl
@@ -1,5 +1,11 @@
+#+(version= 9 0)
+(sys:defpatch "aserve" 1
+ "v1: 1.3.16: fix freeing freed buffer."
+ :type :system
+ :post-loadable t)
+
#+(version= 8 2)
-(sys:defpatch "aserve" 13
+(sys:defpatch "aserve" 14
"v1: version 1.2.67, implement keep-alive in allegroserve client;
v2: 1.2.68, obey keep-alive requests for PUT and POST requests;
v3: 1.2.69, make logging though method specialized on wserver class;
@@ -21,7 +27,8 @@ v12: 1.3.12: make aserve compatible with patch inflate.003,
request-query cache includes external-format as a key,
send cookies on one line as per rfc6265,
add support for ssl CRLs.
-v13: 1.3.13: improve debugging facilities."
+v13: 1.3.13: improve debugging facilities;
+v14: 1.3.16: fix freeing freed buffer."
:type :system
:post-loadable t)
Please sign in to comment.
Something went wrong with that request. Please try again.