[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 1.11.22 and MSVC
Mark D. Baushke
Re: 1.11.22 and MSVC
Sun, 23 Jul 2006 10:00:42 -0700
Sergei Antonov <firstname.lastname@example.org> writes:
> I've found several bugs in cvs-1.11.22 under Windows using MSVC 6.0 and 8.0.
Thank you very much for your report.
> BUG #1
> free (cvs_password);
> in src/login.c
> and line
> free (password);
> in src/client.c
> both free the same buffer, so, when the "login" command is being executed,
> "free (cvs_password);" tries to free an already freed pointer. Debug runtime
> checks in MSVC catch this.
Hmmm... on the other hand, there are other code paths that need the
password returned by get_cvs_password to be freed. See the patch below.
I don't have time to test this right now, so if you could rerun your
test to see if it works, that would be great.
> BUG #2
> cvs.exe compiled for 64-bit Windows cannot set correct filetime during the
> checkout command. The most correct way to fix this is to add preprocessor
> definition HAVE_SYS_UTIME_H to all relevant .dsp files. MSVC (at leat
> 6.0and later) does have sys/utime.h.
I'll have to let our windows-NT maintainers deal with this one. I do not
know which MSVC revision they are intending to use as we move forward.
> BUG #3
> All .dsw and .dsp files must have \r\n line ends instead of \n line ends.
> Without that Visual Studio doesn't open them.
They probably started life this way and had the line endings changed by
checkout from a UNIX box because the files are not -kb in nature. If you
checkout a copy of the cvs1-11-x-branch directly, I suspect things
> I also tried to compile the latest ccvs from the repository using MSVC 8.0.
> I didn't succeed but found two errors in windows-NT/dirent.c in lines
> dirp = xmalloc (sizeof DIR);
> dp = xmalloc (sizeof struct _dircontents);
> According to C standard, sizeof operand which is a type must be
In C89, section '126.96.36.199 The sizeof operator' we see this:
The sizeof operator results in a
value that is the size, in bytes, of the variable or type that it
precedes. This operator has two forms. If it is applied to a type, then
sizeof takes this form:
That is, the type name must be enclosed within parenthesis. If sizeof is
applied to a variable, you may use this form:
In this case, no parenthesis are necessary.
So, I have committed a fix for this in the FEATURE branch (currently
top-of-tree of the repository). If you update your tree, you should find
that it will no longer have this problem.
Untested fix for duplicate free() problem. It would be good to know
which code path you were exercising to get the duplicate free() so that
a test may be added to the sanity.sh test cases.
--- cvs-1.11.22/src/client.c~ Thu Jun 8 07:36:03 2006
+++ cvs-1.11.22/src/client.c Sun Jul 23 09:17:01 2006
@@ -3919,9 +3919,8 @@ auth_server (root, lto_server, lfrom_ser
- /* Paranoia. */
- memset (password, 0, strlen (password));
- free (password);
+ free_cvs_password (password);
+ password = NULL;
# else /* ! AUTH_CLIENT_SUPPORT */
error (1, 0, "INTERNAL ERROR: This client does not support pserver
# endif /* AUTH_CLIENT_SUPPORT */
--- cvs-1.11.22/src/cvs.h~ Mon May 15 17:59:21 2006
+++ cvs-1.11.22/src/cvs.h Sun Jul 23 09:38:24 2006
@@ -916,6 +916,7 @@ char *descramble PROTO ((char *str));
char *get_cvs_password PROTO((void));
+void free_cvs_password PROTO((char *str));
int get_cvs_port_number PROTO((const cvsroot_t *root));
char *normalize_cvsroot PROTO((const cvsroot_t *root));
#endif /* AUTH_CLIENT_SUPPORT */
--- cvs-1.11.22/src/login.c~ Thu May 4 08:13:41 2006
+++ cvs-1.11.22/src/login.c Sun Jul 23 09:42:49 2006
@@ -566,17 +566,30 @@ login (argc, argv)
password_entry_operation (password_entry_add, current_parsed_root,
- memset (typed_password, 0, strlen (typed_password));
- free (typed_password);
- free (cvs_password);
+ free_cvs_password (typed_password);
- cvs_password = NULL;
+free_cvs_password (char *password)
+ if (password && password != cvs_password)
+ memset (password, 0, strlen (password));
+ free (password);
+ if (cvs_password)
+ memset (cvs_password, 0, strlen (cvs_password));
+ free (cvs_password);
+ cvs_password = NULL;
/* Returns the _scrambled_ password. The server must descramble
before hashing and comparing. If password file not found, or
- 1.11.22 and MSVC, Sergei Antonov, 2006/07/23
- Re: 1.11.22 and MSVC,
Mark D. Baushke <=
- Re: 1.11.22 and MSVC, Sergei Antonov, 2006/07/25
- Re: 1.11.22 and MSVC, Spiro Trikaliotis, 2006/07/25
- Re: 1.11.22 and MSVC, Mark D. Baushke, 2006/07/26
- Re: 1.11.22 and MSVC, Spiro Trikaliotis, 2006/07/26
- Re: 1.11.22 and MSVC, Sergei Antonov, 2006/07/26
- Re: 1.11.22 and MSVC, Jim Hyslop, 2006/07/26