Your message dated Thu, 01 Nov 2018 19:56:19 +0000
with message-id <[email protected]>
and subject line Bug#893688: fixed in serf 1.3.9-3+deb9u1
has caused the Debian Bug report #893688,
regarding libserf-1-1: bzr-svn segfaults in serf_bucket_aggregate_append
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
893688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893688
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libserf-1-1
Version: 1.3.9-5
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu bionic ubuntu-patch
bzr-svn segfaults due to a list management bug in
serf_bucket_aggregate_append. This is unfortunately hard to observe
because bzr-svn isn't in Debian any more and various things around it
have bitrotted a bit, but we still rely on it for Subversion imports in
Launchpad, and it is possible to set up a reproduction environment in
unstable with a bit of hacking.
First, install bzr from unstable.
Next, grab commit 01cfebd2e32b940ddfa55373640907b39da8413f of subvertpy
(https://github.com/jelmer/subvertpy), which makes a bit of API that
bzr-svn needs available with modern versions of Subversion, and build it
("sudo apt build-dep python-subvertpy && make").
Next, grab bzr-svn ("bzr branch lp:bzr-svn"). It's a bit broken with
modern versions of libsvn; I had to apply the following hacky patch,
which is almost certainly not quite right in some way (which is why I
haven't submitted it yet), but it'll do for the purposes of this bug:
=== modified file 'logwalker.py'
--- logwalker.py 2012-03-08 17:52:35 +0000
+++ logwalker.py 2018-03-21 08:25:52 +0000
@@ -206,7 +206,8 @@ class CachingLogWalkerUpdater(object):
self.count += 1
self.pb.update('fetching svn revision info', self.count, self.total)
self.logwalker.cache.insert_paths(revision, orig_paths,
- revprops, self.all_revprops)
+ {key.encode("UTF-8"): value for key, value in revprops.items()},
+ self.all_revprops)
self.logwalker.saved_maxrevnum = max(revision,
self.logwalker.saved_maxrevnum)
if self.logwalker.saved_minrevnum is None:
=== modified file 'transport.py'
--- transport.py 2012-03-08 17:52:35 +0000
+++ transport.py 2018-03-21 08:21:59 +0000
@@ -440,7 +440,7 @@ class SvnRaTransport(Transport):
if self._uuid is None:
conn = self.get_any_connection()
try:
- return conn.get_uuid()
+ return conn.get_uuid().encode("UTF-8")
finally:
self.add_connection(conn)
return self._uuid
@@ -456,7 +456,7 @@ class SvnRaTransport(Transport):
if self._repos_root is None:
conn = self.get_any_connection()
try:
- self._repos_root = conn.get_repos_root()
+ self._repos_root = conn.get_repos_root().encode("UTF-8")
finally:
self.add_connection(conn)
return self._repos_root
Make ~/.bazaar/plugins/svn be a symlink to the bzr-svn branch.
Now try this branch operation, with PYTHONPATH adjusted to point to
wherever you cloned subvertpy:
PYTHONPATH=/path/to/subvertpy bzr branch
https://svn.code.sf.net/p/truckliststudio/svn/trunk truckliststudio
The fix is rather easier than describing the setup, since it was fixed
upstream some time ago:
https://svn.apache.org/viewvc?view=revision&revision=1712790
diff -Nru serf-1.3.9/debian/changelog serf-1.3.9/debian/changelog
--- serf-1.3.9/debian/changelog 2018-02-05 23:28:07.000000000 +0000
+++ serf-1.3.9/debian/changelog 2018-03-20 12:41:54.000000000 +0000
@@ -1,3 +1,10 @@
+serf (1.3.9-5) UNRELEASED; urgency=medium
+
+ * Backport r1712790 from upstream to fix a segfault in
+ serf_bucket_aggregate_prepend when prepending a bucket to an empty list.
+
+ -- Colin Watson <[email protected]> Tue, 20 Mar 2018 12:41:52 +0000
+
serf (1.3.9-4) unstable; urgency=medium
* Mark serf_debug_closed_conn as a public symbol, since svn has been using
diff -Nru
serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list
serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list
--- serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list
1970-01-01 01:00:00.000000000 +0100
+++ serf-1.3.9/debian/patches/r1712790-serf_bucket_aggregate_prepend-empty-list
2017-05-16 14:32:26.000000000 +0100
@@ -0,0 +1,34 @@
+Description: Make serf_bucket_aggregate_prepend() behave properly when
prepending a bucket to an empty list
+Origin: upstream, https://svn.apache.org/viewvc?view=revision&revision=1712790
+
+Index: b/buckets/aggregate_buckets.c
+===================================================================
+--- a/buckets/aggregate_buckets.c
++++ b/buckets/aggregate_buckets.c
+@@ -149,6 +149,8 @@
+ new_list->bucket = prepend_bucket;
+ new_list->next = ctx->list;
+
++ if (ctx->list == NULL)
++ ctx->last = new_list;
+ ctx->list = new_list;
+ }
+
+@@ -278,6 +280,8 @@
+
+ /* If we have no more in our list, return EOF. */
+ if (!ctx->list) {
++ ctx->last = NULL;
++
+ if (ctx->hold_open) {
+ return ctx->hold_open(ctx->hold_open_baton, bucket);
+ }
+@@ -390,6 +394,8 @@
+
+ /* If we have no more in our list, return EOF. */
+ if (!ctx->list) {
++ ctx->last = NULL;
++
+ if (ctx->hold_open) {
+ return ctx->hold_open(ctx->hold_open_baton, bucket);
+ }
diff -Nru serf-1.3.9/debian/patches/series serf-1.3.9/debian/patches/series
--- serf-1.3.9/debian/patches/series 2017-11-13 02:19:32.000000000 +0000
+++ serf-1.3.9/debian/patches/series 2018-03-20 12:38:28.000000000 +0000
@@ -1,2 +1,3 @@
libtool
r1792234-expired-certs
+r1712790-serf_bucket_aggregate_prepend-empty-list
--
Colin Watson [[email protected]]
--- End Message ---
--- Begin Message ---
Source: serf
Source-Version: 1.3.9-3+deb9u1
We believe that the bug you reported is fixed in the latest version of
serf, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
James McCoy <[email protected]> (supplier of updated serf package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 28 Oct 2018 19:52:35 -0400
Source: serf
Binary: libserf-1-1 libserf-dev
Architecture: source
Version: 1.3.9-3+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: James McCoy <[email protected]>
Changed-By: James McCoy <[email protected]>
Description:
libserf-1-1 - high-performance asynchronous HTTP client library
libserf-dev - high-performance asynchronous HTTP client library headers
Closes: 893688 911714
Changes:
serf (1.3.9-3+deb9u1) stretch; urgency=medium
.
* Backport r1712790 from upstream to fix NULL pointer dereference.
Thanks to Colin Watson for investigation and report (Closes: #893688)
* Backport create_certs.py from upstream to generate certs at test time
(Closes: #911714)
Checksums-Sha1:
67bd63cae6e86d9edd0d19169f45906459ca19db 2159 serf_1.3.9-3+deb9u1.dsc
ec318ad510030cbe0e722ceb4d092021b37d7849 623148 serf_1.3.9-3+deb9u1.diff.gz
3b68e093f90cf55eb6ddb8d345b86c2fc37d5d9c 8396
serf_1.3.9-3+deb9u1_amd64.buildinfo
Checksums-Sha256:
0166287526c86a4eb4b368ecd72fc34fe73938ae4137be44395f9ac2124563db 2159
serf_1.3.9-3+deb9u1.dsc
fde6fcfafe87838bd31a71e723ddf0d0ef58e255b3dbd015efd44d9f3a984e85 623148
serf_1.3.9-3+deb9u1.diff.gz
748d84e18bf2f61ed19639c05114e2a9faaa02e21a7c8a22f45b33fcad3602cd 8396
serf_1.3.9-3+deb9u1_amd64.buildinfo
Files:
057e4b7cabb32e3945331eb47aaeb201 2159 libs optional serf_1.3.9-3+deb9u1.dsc
0cf54fec2fd4b7fc088996ef97c1f03b 623148 libs optional
serf_1.3.9-3+deb9u1.diff.gz
a66e8b1ffc65e1d9c8d64e294c3bedaf 8396 libs optional
serf_1.3.9-3+deb9u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEkb+/TWlWvV33ty0j3+aRrjMbo9sFAlvWT41fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDkx
QkZCRjRENjk1NkJENURGN0I3MkQyM0RGRTY5MUFFMzMxQkEzREIACgkQ3+aRrjMb
o9sRRw//R0wH06Z9OncdHyxlLSp7ZApIYX7Gx2YoYJZmOOi0C0M+HZ4I/G2NADEW
7D1jXl0Kc6pia1E+k3p2o77Tvs/AjTXk1MPmn0oBhyfqUNHeefkVSAxAdUzPGfiB
ksDAqJY/8eTs2rZg5Aqk2NIsqJyi/5eKPWLwGhx6ClTRfAHNWoR1kZy13gMPxEaQ
GGCkUX9kDN0PawW9Xpx0qeR7XnQjeAI239Wj+JuK9RofHNqlejScsX0h4vg6yO+w
EQybWDOFxLD9kJt/NEPprfC2mUXnG2yVEkCEcIOTYj6Og0giq4fqMSyy6YdlXOct
M9ATMMdkQuTZtZZXKHPqs/jm2x265xylA7to3lXFd8BWW5gXJb66GXiongUj4YXH
W10Cvch2nwgswxmNI6rDmFNU7cHJRXPBbkJ27XAZsIuFgQ6N3PTjbULXomXF01kA
uuVqLQn0J7YxdKm4BlcURKOsbj18GArw5uZnc9ARCNQut3vXGdVyWVuZ7lS4t6na
Qdu+SG3mimuV+qyLbdcYp5uqGpZPuS88KGaHNQyPqUVaZLwHrSnv1/pTflq3xHaw
e5Cp+4N3OCQTG9AJdGl2GsAPq/dgaXGJMpm93l7y1C1cKvp2d9tVTCCgn0PMLErh
dogkppi+vwXHObcv4BuJf0QohJyHDI2Si0WoUvgKs/CGCmQDu7U=
=7490
-----END PGP SIGNATURE-----
--- End Message ---
