svn commit: r1518225 - /tomcat/native/branches/1.1.x/native/src/network.c

Wed, 28 Aug 2013 07:52:45 -0700 

Author: schultz
Date: Wed Aug 28 14:52:00 2013
New Revision: 1518225

URL: http://svn.apache.org/r1518225
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=51813

Add NULL-checking for s->net to avoid SIGSEGV in situations where it appears a 
socket has been recycled.

Modified:
    tomcat/native/branches/1.1.x/native/src/network.c

Modified: tomcat/native/branches/1.1.x/native/src/network.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/branches/1.1.x/native/src/network.c?rev=1518225&r1=1518224&r2=1518225&view=diff
==============================================================================
--- tomcat/native/branches/1.1.x/native/src/network.c (original)
+++ tomcat/native/branches/1.1.x/native/src/network.c Wed Aug 28 14:52:00 2013
@@ -439,6 +439,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, send)(T
         return -(jint)APR_ENOTSOCK;
     }
     TCN_ASSERT(s->opaque != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 #ifdef TCN_DO_STATISTICS
     sp_max_send = TCN_MAX(sp_max_send, nbytes);
     sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -515,6 +519,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendb)(
     }
     TCN_ASSERT(s->opaque != NULL);
     TCN_ASSERT(buf != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 #ifdef TCN_DO_STATISTICS
     sp_max_send = TCN_MAX(sp_max_send, nbytes);
     sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -555,6 +563,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendib)
     }
     TCN_ASSERT(s->opaque != NULL);
     TCN_ASSERT(buf != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 #ifdef TCN_DO_STATISTICS
     sp_max_send = TCN_MAX(sp_max_send, nbytes);
     sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -589,6 +601,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendbb)
     }
     TCN_ASSERT(s->opaque != NULL);
     TCN_ASSERT(s->jsbbuff != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 #ifdef TCN_DO_STATISTICS
     sp_max_send = TCN_MAX(sp_max_send, nbytes);
     sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -625,6 +641,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendibb
     }
     TCN_ASSERT(s->opaque != NULL);
     TCN_ASSERT(s->jsbbuff != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 #ifdef TCN_DO_STATISTICS
     sp_max_send = TCN_MAX(sp_max_send, nbytes);
     sp_min_send = TCN_MIN(sp_min_send, nbytes);
@@ -656,6 +676,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, sendv)(
     UNREFERENCED(o);
     TCN_ASSERT(sock != 0);
     TCN_ASSERT(s->opaque != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 
     nvec = (*e)->GetArrayLength(e, bufs);
     if (nvec >= APR_MAX_IOVEC_SIZE)
@@ -726,6 +750,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recv)(T
     UNREFERENCED(o);
     TCN_ASSERT(sock != 0);
     TCN_ASSERT(s->opaque != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 
     if (toread <= TCN_BUFFER_SZ) {
         char sb[TCN_BUFFER_SZ];
@@ -783,6 +811,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvt)(
     TCN_ASSERT(sock != 0);
     TCN_ASSERT(s->opaque != NULL);
     TCN_ASSERT(buf != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 
     if ((ss = (*s->net->timeout_get)(s->opaque, &pt)) != APR_SUCCESS) {
         TCN_ERROR_WRAP(ss);
@@ -855,6 +887,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvb)(
     }
     TCN_ASSERT(s->opaque != NULL);
     TCN_ASSERT(buf != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 
     bytes  = (char *)(*e)->GetDirectBufferAddress(e, buf);
     TCN_ASSERT(bytes != NULL);
@@ -903,6 +939,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvbb)
     TCN_ASSERT(sock != 0);
     TCN_ASSERT(s->opaque != NULL);
     TCN_ASSERT(s->jrbbuff != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 
     ss = (*s->net->recv)(s->opaque, s->jrbbuff + offset, &nbytes);
 #ifdef TCN_DO_STATISTICS
@@ -954,6 +994,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvbt)
     }
     TCN_ASSERT(buf != NULL);
     TCN_ASSERT(s->opaque != NULL);
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 
     bytes  = (char *)(*e)->GetDirectBufferAddress(e, buf);
     TCN_ASSERT(bytes != NULL);
@@ -1023,7 +1067,10 @@ TCN_IMPLEMENT_CALL(jint, Socket, recvbbt
     }
     TCN_ASSERT(s->jrbbuff != NULL);
     TCN_ASSERT(s->opaque != NULL);
-
+    if(!s->net) {
+        tcn_ThrowAPRException(e, APR_EINVALSOCK);
+        return -(jint)APR_EINVALSOCK;
+    }
 
     if ((ss = (*s->net->timeout_get)(s->opaque, &pt)) != APR_SUCCESS) {
         TCN_ERROR_WRAP(ss);



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to