Boost logo

Boost-Build :

Subject: Re: [Boost-build] build engine crashes when GLOBing paths with forward slashes on windows
From: Marc Dürner (marc.duerner_at_[hidden])
Date: 2012-02-23 06:21:08


Hello,

On 22 February 2012 22:23, Steven Watanabe wrote:
> AMDG
>
> On 02/16/2012 06:02 AM, Marc Dürner wrote:
>> I get a crash on windows when a path with forward slashes such as
>> /usr/include is passed to GLOB.
>
> I can't duplicate this with the current trunk.
> Do you have a test case for this?

It seems to be fixed, my version was a few weeks old. I am sorry about that,

However the code still looks a bit strange. there is a tricky
recursion. Please review if the following can still happen:

static void path_write_key( char * path_, string * out )
{
    struct path_key_entry e, *result = &e;
    OBJECT * path = object_new( path_ );

    /* This is only called by path_as_key, which initializes the cache. */
    assert( path_key_cache );

    result->path = path;
1: if ( hashenter( path_key_cache, (HASHDATA * *)&result ) )
    {
        /* path_ is already normalized. */
2: ShortPathToLongPath( path_, out );
3: result->key = object_new( out->value );
    }
    else
    {
        object_free( path );
4: string_append( out, object_str( result->key ) );
    }
}

Lets assume we enter path_write_key() with a path that is not in the
cache yet. The function hashenter() will return true if a new element
was added [1]. Eventually we reach [2] and enter
ShortPathToLongPath(), which calls path_write_key() again, in my case
protentially with the same path.The function hashenter will return
false in the following invokation of path_write_key(), because the
element is already in the cache. But it wasn't initialized yet,
because that happens at [3]. So we access uninitialized data in [4].

regards,
Marc


Boost-Build list run by bdawes at acm.org, david.abrahams at rcn.com, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk