[openchange][devel] openchangeclient crashes when fetching tasks

Tue, 11 May 2010 11:42:29 -0700 

        Hello,
I faced this issue when working on tasks fetching in Evolution. The
attached patch is a change for "openchangeclient --fetch-items=tasks"
where are not fetched all properties (by GetPropsAll), but is given a
list of named properties and prop tags which we know and it is requested
to fetch only them. I prefer this method, because of smaller network
bandwidth usage, when we are not fetching properties we have no idea
about.

These changes are mimic what evolution-mapi does when fetching
properties (more or less). The point is that the application crashed
after it fetched the second task and tried with the third. I guess it's
something with named properties, I do not know.

The backtrace of the crash is:
#0  0x000000393f0332f5 in raise () from /lib64/libc.so.6
#1  0x000000393f034b20 in abort () from /lib64/libc.so.6
#2  0x00007ffff76946a1 in talloc_abort (reason=0x7ffff77e8e50 "Bad
       talloc magic value - unknown value") at talloc.c:199
#3  0x00007ffff769473f in talloc_abort_unknown_value () at talloc.c:223
#4  0x00007ffff76947b6 in talloc_chunk_from_ptr (ptr=0x7fffffffce70)
       at talloc.c:242
#5  0x00007ffff7695734 in _talloc_steal_loc (new_ctx=0x65dc60,
    ptr=0x7fffffffce70, location=0x7ffff7db15a4 "libmapi/emsmdb.c:736")
       at talloc.c:744
#6  0x00007ffff7d14ae4 in emsmdb_get_SPropValue (mem_ctx=<value
    optimized out>, lp_ctx=<value optimized out>, content=0x66c590,
    tags=0x65b390, propvals=0x7fffffffd1a8, cn_propvals=<value optimized
    out>, flag=1 '\1') at libmapi/emsmdb.c:736
#7  0x00007ffff7cfe6d6 in GetProps (obj=0x7fffffffd0c0,
    SPropTagArray=0x65b390, lpProps=<value optimized out>,
    PropCount=0x7fffffffd1b8) at libmapi/IMAPIProp.c:152
#8  0x0000000000404e9c in openchangeclient_fetchitems (mem_ctx=<value
    optimized out>, obj_store=<value optimized out>, item=<value
    optimized out>, oclient=0x7fffffffdd10)
       at utils/openchangeclient.c:1909
#9  0x000000000040a0f5 in main (argc=<value optimized out>, argv=<value
       optimized out>) at utils/openchangeclient.c:3326

When I run valgrind on the same I get (as the first invalid read) this:
==14828== Invalid read of size 1
==14828==    at 0x4C67B4B: emsmdb_get_SPropValue (emsmdb.c:727)
==14828==    by 0x4C516D5: GetProps (IMAPIProp.c:152)
==14828==    by 0x404E9B: openchangeclient_fetchitems
           (openchangeclient.c:1909)
==14828==    by 0x40A0F4: main (openchangeclient.c:3326)
==14828==  Address 0x72cb596 is 0 bytes after a block of size 654
           alloc'd
==14828==    at 0x4A0763E: malloc (vg_replace_malloc.c:207)
==14828==    by 0x583BA2E: __talloc (talloc.c:405)
==14828==    by 0x583BD90: _talloc_named_const (talloc.c:516)
==14828==    by 0x583DDE3: _talloc_memdup (talloc.c:1552)
==14828==    by 0x58158CB: data_blob_named (data_blob.c:44)
==14828==    by 0x5815978: data_blob_talloc_named (data_blob.c:62)
==14828==    by 0x56C36CC: ndr_pull_DATA_BLOB (ndr_basic.c:1065)
==14828==    by 0x4CDDEE4: ndr_pull_EcDoRpc_MAPI_REPL_UNION
                           (ndr_exchange.c:17149)
==14828==    by 0x4C6CE99: ndr_pull_EcDoRpc_MAPI_REPL (ndr_mapi.c:593)
==14828==    by 0x4C6D30E: ndr_pull_mapi_response (ndr_mapi.c:514)
==14828==    by 0x4C6DCC8: ndr_pull_EcDoRpc (ndr_mapi.c:724)
==14828==    by 0x522DF66: dcerpc_ndr_request_recv (dcerpc.c:1487)
==14828==    by 0x522E14C: dcerpc_ndr_request (dcerpc.c:1544)
==14828==    by 0x4CE4471: dcerpc_EcDoRpc (ndr_exchange_c.c:1801)
==14828==    by 0x4C681AD: emsmdb_transaction (emsmdb.c:337)
==14828==    by 0x4C515AB: GetProps (IMAPIProp.c:136)
==14828==    by 0x404E9B: openchangeclient_fetchitems
                          (openchangeclient.c:1909)
==14828==    by 0x40A0F4: main (openchangeclient.c:3326)

The last read item was one I just created on my Exchange 2007 server in
Outlook. This is with openchange revision 1783.

Could you look at this and let me know what is wrong on this code,
please? I do not understand much talloc's errors like the above one:
"Bad talloc magic value - unknown value".
        Thanks and bye,
        Milan

Index: utils/openchangeclient.c
===================================================================
--- utils/openchangeclient.c	(revision 1783)
+++ utils/openchangeclient.c	(working copy)
@@ -1695,6 +1695,117 @@
 	return get_child_folders(mem_ctx, obj_store, id_mailbox, 0);
 }
 
+static void
+fill_task_props_tag_array (TALLOC_CTX *mem_ctx, mapi_object_t *obj_folder, struct SPropTagArray *propsTagArray)
+{
+	/* this is a list of all known calendar MAPI tag IDs;
+	   if you add new add it here too, otherwise it may not be fetched */
+	static uint32_t known_cal_mapi_ids[] = {
+		PR_7BIT_DISPLAY_NAME_UNICODE,
+		PR_ADDRTYPE_UNICODE,
+		PR_ATTACH_DATA_BIN,
+		PR_ATTACH_FILENAME_UNICODE,
+		PR_ATTACH_LONG_FILENAME_UNICODE,
+		PR_ATTACH_METHOD,
+		PR_BODY,
+		PR_BODY_UNICODE,
+		PR_CONVERSATION_TOPIC_UNICODE,
+		PR_CREATION_TIME,
+		PR_DISPLAY_NAME_UNICODE,
+		PR_DISPLAY_TYPE,
+		PR_END_DATE,
+		PR_FID,
+		PR_GIVEN_NAME_UNICODE,
+		PR_HTML,
+		PR_ICON_INDEX,
+		PR_IMPORTANCE,
+		PR_LAST_MODIFICATION_TIME,
+		PR_MESSAGE_CLASS,
+		PR_MESSAGE_FLAGS,
+		PR_MID,
+		PR_MSG_EDITOR_FORMAT,
+		PR_NORMALIZED_SUBJECT_UNICODE,
+		PR_OBJECT_TYPE,
+		PR_OWNER_APPT_ID,
+		PR_PRIORITY,
+		PR_PROCESSED,
+		PR_RCVD_REPRESENTING_ADDRTYPE_UNICODE,
+		PR_RCVD_REPRESENTING_EMAIL_ADDRESS_UNICODE,
+		PR_RCVD_REPRESENTING_NAME_UNICODE,
+		PR_RECIPIENT_DISPLAY_NAME_UNICODE,
+		PR_RECIPIENTS_FLAGS,
+		PR_RECIPIENT_TRACKSTATUS,
+		PR_RECIPIENT_TYPE,
+		PR_RENDERING_POSITION,
+		PR_RESPONSE_REQUESTED,
+		PR_RTF_IN_SYNC,
+		PR_SENDER_ADDRTYPE_UNICODE,
+		PR_SENDER_EMAIL_ADDRESS_UNICODE,
+		PR_SENDER_NAME_UNICODE,
+		PR_SEND_INTERNET_ENCODING,
+		PR_SENSITIVITY,
+		PR_SENT_REPRESENTING_ADDRTYPE_UNICODE,
+		PR_SENT_REPRESENTING_EMAIL_ADDRESS_UNICODE,
+		PR_SENT_REPRESENTING_NAME_UNICODE,
+		PR_SMTP_ADDRESS_UNICODE,
+		PR_START_DATE,
+		PR_SUBJECT_UNICODE,
+		0
+	};
+
+	uint32_t nids[] = {
+		PidLidGlobalObjectId, 
+		PidLidCleanGlobalObjectId,
+		PidLidAppointmentRecur,
+		PidLidAppointmentTimeZoneDefinitionStartDisplay,
+		PidLidAppointmentTimeZoneDefinitionEndDisplay,
+		PidLidTaskFRecurring,
+		PidLidAppointmentSubType,
+		PidLidRecurring,
+		PidLidReminderSet,
+		PidLidPercentComplete,
+		PidLidTaskStatus,
+		PidLidAppointmentSequence,
+		PidLidBusyStatus,
+		PidLidLocation,
+		PidLidTaskStartDate,
+		PidLidTaskDueDate,
+		PidLidTaskDateCompleted,
+		PidLidAppointmentStartWhole,
+		PidLidAppointmentEndWhole,
+		PidLidReminderTime,
+		PidLidReminderSignalTime,
+		0
+	};
+
+	uint32_t i;
+	struct mapi_nameid *nameid;
+	struct SPropTagArray *SPropTagArray;
+
+	nameid = mapi_nameid_new (mem_ctx);
+	for (i = 0; nids[i]; i++) {
+		if (mapi_nameid_canonical_add (nameid, nids[i]) != MAPI_E_SUCCESS) {
+			printf ("Failed to add task's named id %X (at index %d)\n", nids[i], i);
+		}
+	}
+
+	SPropTagArray = talloc_zero (mem_ctx, struct SPropTagArray);
+
+	if (mapi_nameid_GetIDsFromNames (nameid, obj_folder, SPropTagArray) != MAPI_E_SUCCESS) {
+		mapi_errstr ("mapi_nameid_GetIDsFromNames", GetLastError());
+		return;
+	}
+
+	for (i = 0; i < SPropTagArray->cValues; i++) {
+		if ((SPropTagArray->aulPropTag[i] & 0xFFFF) != PT_ERROR)
+			SPropTagArray_add (mem_ctx, propsTagArray, SPropTagArray->aulPropTag[i]);
+	}
+
+	for (i = 0; known_cal_mapi_ids[i]; i++) {
+		SPropTagArray_add (mem_ctx, propsTagArray, known_cal_mapi_ids[i]);
+	}
+}
+
 static bool openchangeclient_fetchitems(TALLOC_CTX *mem_ctx, mapi_object_t *obj_store, const char *item,
 					struct oclient *oclient)
 {
@@ -1706,7 +1817,7 @@
 	mapi_id_t			fid;
 	uint32_t			olFolder = 0;
 	struct SRowSet			SRowSet;
-	struct SPropTagArray		*SPropTagArray;
+	struct SPropTagArray		*SPropTagArray, *propsTagArray = NULL;
 	struct mapi_SPropValue_array	properties_array;
 	uint32_t			count;
 	uint32_t       			i;
@@ -1768,6 +1879,11 @@
 	MAPIFreeBuffer(SPropTagArray);
 	if (retval != MAPI_E_SUCCESS) return false;
 
+	if (olFolder == olFolderTasks) {
+		propsTagArray = set_SPropTagArray (mem_ctx, 0x1, PR_MESSAGE_CLASS);
+		fill_task_props_tag_array (mem_ctx, &obj_folder, propsTagArray);
+	}
+
 	while ((retval = QueryRows(&obj_table, count, TBL_ADVANCE, &SRowSet)) != MAPI_E_NOT_FOUND && SRowSet.cRows) {
 		count -= SRowSet.cRows;
 		for (i = 0; i < SRowSet.cRows; i++) {
@@ -1780,7 +1896,27 @@
 				if (oclient->summary) {
 					mapidump_message_summary(&obj_message);
 				} else {
-					retval = GetPropsAll(&obj_message, &properties_array);
+					if (olFolder == olFolderTasks) {
+						struct SPropValue *lpProps;
+						struct SPropTagArray *tags;
+						uint32_t prop_count = 0, k;
+						/* we need to make a local copy of the tag array
+						 * since GetProps will modify the array on any
+						 * errors */
+						tags = set_SPropTagArray (mem_ctx, 0x1, propsTagArray->aulPropTag[0]);
+						for (k = 1; k < propsTagArray->cValues; k++)
+							SPropTagArray_add (mem_ctx, tags, propsTagArray->aulPropTag[k]);
+						retval = GetProps (&obj_message, tags, &lpProps, &prop_count);
+
+						MAPIFreeBuffer (tags);
+						properties_array.lpProps = talloc_zero_array (mem_ctx, struct mapi_SPropValue, prop_count + 1);
+						properties_array.cValues = prop_count;
+						for (k=0; k < prop_count; k++) {
+							cast_mapi_SPropValue (&properties_array.lpProps[k], &lpProps[k]);
+						}
+					} else {
+						retval = GetPropsAll(&obj_message, &properties_array);
+					}
 					if (retval == MAPI_E_SUCCESS) {
 						id = talloc_asprintf(mem_ctx, ": %"PRIX64"/%"PRIX64,
 								     SRowSet.aRow[i].lpProps[0].value.d,

_______________________________________________
devel mailing list
[email protected]
http://mailman.openchange.org/listinfo/devel

Reply via email to