Attached is a refreshed version of this patch that applies against current APR trunk (after the recent pollcb_wakeup() changes). The patch is now pretty trivial.
Note that if you want to backport this bug fix to the 1.4 branch, the previous version of the patch should be used. But perhaps the easiest route is to first backport the pollcb_wakeup() change, and then apply this version of the patch. Neil On Wed, Jan 6, 2010 at 9:06 PM, Neil Conway <[email protected]> wrote: > Attached is a slightly revised version of this patch. Changes: > > * Initialize the apr_pool_t field of the apr_pollfd_t we use for the > wakeup pipe. Not clear what this field is actually used for (candidate > for removal in APR2?), but we may as well be tidy. > > * Fix a minor bug in one of the versions of close_wakeup_pipe(): > initialize both "rv0" and "rv1", to avoid potentially reading an > uninitialized value. > > Neil > > On Wed, Jan 6, 2010 at 5:47 PM, Neil Conway <[email protected]> wrote: >> apr_pollset_wakeup() is buggy when used with APR_POLLSET_NOCOPY, >> because create_wakeup_pipe() passes a stack-allocated apr_pollfd_t to >> apr_pollset_add(). This is unsafe if the user specified >> APR_POLLSET_NOCOPY when creating the pollset. >> >> The attached patch fixes this by adding an apr_pollfd_t for the wakeup >> pipe to apr_pollset_t, so that it has a sufficiently-long-lived >> lifetime. >> >> Neil >> >
apr_pollset_wakeup_nocopy-3.patch
Description: Binary data
