https://issues.apache.org/bugzilla/show_bug.cgi?id=52559
--- Comment #3 from Diego Santa Cruz <[email protected]> 2012-01-30 12:43:07 UTC --- Created attachment 28230 --> https://issues.apache.org/bugzilla/attachment.cgi?id=28230 Do not segfault on PROPFIND with a zero length DBM As described above, when httpd segfaults during the PROPPATCH it leaves a zero length DBM if no other dead properties existed for the resource. Doing a PROPFIND on the resource segfaults httpd. The cause of the segfault is that dav_get_allprops() does not check the return value of the first_name() nor next_name() DB hooks for errors. When the DBM is of zero length (both the .dir and .pag files are zero length) first_name() returns an error and leaves its 'name' argument uninitialized. But then 'name.ns' is accessed just after the first_name() call, possibly causing a segfault or other errors as 'name' is stack allocated. The attached patch changes this so that the return value of first_name() and next_name() is checked and the while loop on the properties be stopped in case of error. As it seems that dav_get_allprops() cannot return an error I could not see another way to handle this situation and this is how errors on the output_value() hook call are treated within dav_get_allprops() anyhow. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
