Re: Stable release crashes on import

[Linus Torvalds]

On Mon, Apr 11, 2016 at 11:10 AM, Miika Turkia <miika.tur...@gmail.com> wrote:
>
> Seems that you were right about this (even though deciphering the
> instructions took a while :D) The attached patch works on my tests
> with the problematic input. It is against v4.5-branch.

No, try this instead. You still don't copy the dc properly. But the
allocations patterns may have changed enough to no longer crash.

Anyway, this should fix both the dc copy _and_ the real bug where we
overflow the samples.

             Linus

 dive.c                        | 7 +++----
 qt-ui/divelogimportdialog.cpp | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/dive.c b/dive.c
index 8dc43223e52c..f4552220f744 100644
--- a/dive.c
+++ b/dive.c
@@ -474,11 +474,10 @@ void copy_dive(struct dive *s, struct dive *d)
                d->weightsystem[i].description = 
copy_string(s->weightsystem[i].description);
        STRUCTURED_LIST_COPY(struct picture, s->picture_list, d->picture_list, 
copy_pl);
        STRUCTURED_LIST_COPY(struct tag_entry, s->tag_list, d->tag_list, 
copy_tl);
+
+       /* Copy the embedded dc first, then copy the list */
+       copy_dc(&s->dc, &d->dc);
        STRUCTURED_LIST_COPY(struct divecomputer, s->dc.next, d->dc.next, 
copy_dc);
-       /* this only copied dive computers 2 and up. The first dive computer is 
part
-        * of the struct dive, so let's make copies of its samples and events */
-       copy_samples(&s->dc, &d->dc);
-       copy_events(&s->dc, &d->dc);
 }
 
 /* make a clone of the source dive and clean out the source dive;
diff --git a/qt-ui/divelogimportdialog.cpp b/qt-ui/divelogimportdialog.cpp
index 67faadf91614..26d38788c2b0 100644
--- a/qt-ui/divelogimportdialog.cpp
+++ b/qt-ui/divelogimportdialog.cpp
@@ -774,7 +774,7 @@ void DiveLogImportDialog::on_buttonBox_accepted()
                                }
                                // Seabear CSV stores NDL and TTS in Minutes, 
not seconds
                                struct dive *dive = 
dive_table.dives[dive_table.nr - 1];
-                               for(int s_nr = 0 ; s_nr <= dive->dc.samples ; 
s_nr++) {
+                               for(int s_nr = 0 ; s_nr < dive->dc.samples ; 
s_nr++) {
                                        struct sample *sample = dive->dc.sample 
+ s_nr;
                                        sample->ndl.seconds *= 60;
                                        sample->tts.seconds *= 60;

_______________________________________________
subsurface mailing list
subsurface@subsurface-divelog.org
http://lists.subsurface-divelog.org/cgi-bin/mailman/listinfo/subsurface