v20i056: Maintain multiple databases of textual data

Ray Moody ray at dirac.physics.purdue.edu
Sun Dec 10 09:27:27 AEST 1989


Description:
	Index (posted to comp.sources.unix in late October) can dump core.

	It assumes that memory returned by malloc() and realloc() is zeroed.
	When it isn't, there is a 50-50 chance that the valid bit will be set
	on an entry that has character pointers pointing into nowhere.
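	The failure mode described above, as an added example (not code from
	index or from this post): a constructed stand-in for the entry table
	whose growth routine clears the valid bit of every newly allocated
	slot, so leftover heap contents can never masquerade as a valid
	entry. struct dbfile and db_flag follow the names in the patch below;
	the db_text field, grow_table() and count_valid() are assumptions.

```c
#include <stdlib.h>

/* Constructed stand-in for index's entry table. Only db_flag is taken from
 * the patch; db_text is an assumed pointer field standing in for the
 * "character pointers pointing into nowhere" of the report. */
struct dbfile {
    int   db_flag;   /* valid bit: non-zero means the entry holds real data */
    char *db_text;   /* garbage until the entry is actually filled in */
};

/*
 * Grow the table from oldsize to newsize entries (oldsize == 0 with *tbl ==
 * NULL is the initial allocation, since realloc(NULL, n) behaves as malloc).
 * Neither malloc() nor realloc() zeroes the memory it hands back, so every
 * slot beyond oldsize is explicitly marked invalid before it becomes
 * visible to callers. Returns 0 on success, -1 (table untouched) on failure.
 */
int grow_table(struct dbfile **tbl, int oldsize, int newsize)
{
    struct dbfile *p;
    int j;

    if (newsize <= oldsize)
        return 0;                         /* nothing to do */
    p = realloc(*tbl, (size_t)newsize * sizeof *p);
    if (p == NULL)
        return -1;                        /* caller still owns the old table */
    for (j = oldsize; j < newsize; j++)   /* only the new tail is uninitialised */
        p[j].db_flag = 0;
    *tbl = p;
    return 0;
}

/* What a save routine does: walk the table and act only on entries whose
 * valid bit is set. With an uncleared tail, this is where stray flag bits
 * would send it chasing db_text pointers into unmapped memory. */
int count_valid(const struct dbfile *tbl, int size)
{
    int n = 0, j;

    for (j = 0; j < size; j++)
        if (tbl[j].db_flag)
            n++;
    return n;
}
```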

Repeat-By:
	Since malloc() typically returns random stuff, this bug is hard to
	repeat.  I found that the best way was to run index without any
	arguments and select a database that didn't yet have a .db file
	associated with it.  Add a new entry, and then try to save the
	database.

Fix:
	RCS file: /a/ray/src/index/RCS/dbio.c,v
	retrieving revision 1.1
	retrieving revision 1.1.1.1
	diff -c -r1.1 -r1.1.1.1
	*** /tmp/,RCSt1a06179	Sat Dec  9 17:25:22 1989
	--- /tmp/,RCSt2a06179	Sat Dec  9 17:25:22 1989
	***************
	*** 1,5 ****
	  #ifndef lint
	! static char *RCSid = "$Header: /a/ray/src/index/RCS/dbio.c,v 1.1 89/08/09 11:06:36 davy Exp $";
	  #endif
	  /*
	   * dbio.c - database input/output routines.
	--- 1,5 ----
	  #ifndef lint
	! static char *RCSid = "$Header: /a/ray/src/index/RCS/dbio.c,v 1.1.1.1 89/12/09 17:07:09 ray Exp $";
	  #endif
	  /*
	   * dbio.c - database input/output routines.
	***************
	*** 12,17 ****
	--- 12,20 ----
	   * davy at riacs.edu
	   *
	   * $Log:	dbio.c,v $
	+  * Revision 1.1.1.1  89/12/09  17:07:09  ray
	+  * Fixed core dump.
	+  * 
	   * Revision 1.1  89/08/09  11:06:36  davy
	   * Initial revision
	   * 
	***************
	*** 117,122 ****
	--- 120,126 ----
	  {
	  	FILE *fp;
	  	register int i;
	+ 	int j;
	  	struct dbfile *malloc(), *realloc();
	  	char buf[BUFSIZ], dbfile[MAXPATHLEN];
	  
	***************
	*** 133,138 ****
	--- 137,150 ----
	  	}
	  
	  	/*
	+ 	 * Fixed Sat Dec  9 16:46:05 EST 1989 by Ray (ray at physics.purdue.edu).
	+ 	 * Mark all freshely allocated entrys as invalid.
	+ 	 */
	+ 	for (j = 0; j < dbsize; j++) {
	+ 		db[j].db_flag = 0;
	+ 	}
	+ 
	+ 	/*
	  	 * Construct the name of the file.
	  	 */
	  	sprintf(dbfile, "%s/%s%s", dbasedir, dbname, DBFILE_SUFFIX);
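	Review bot: The loop bound is `dbsize`, so this hunk relies on `dbsize` already holding the number of entries just allocated by the malloc() that precedes it; that assignment is outside the visible context, so confirm it happens before the loop runs. Clearing only `db_flag` is sufficient as long as every reader tests the flag before touching the char pointers; replacing the malloc() with `calloc(dbsize, sizeof *db)` would zero the whole entry and make this loop unnecessary. Minor: the comment should read "freshly allocated entries".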
	***************
	*** 157,162 ****
	--- 169,183 ----
	  			if (db == NULL) {
	  				error("%s: out of memory.\n", pname, 0, 0);
	  				exit(1);
	+ 			}
	+ 			
	+ 			/*
	+ 			 * Fixed Sat Dec  9 16:46:05 EST 1989 by Ray
	+ 			 * (ray at physics.purdue.edu). Mark all freshely 
	+ 			 * allocated entrys as invalid.
	+ 			 */
	+ 			for (j = dbentries; j < dbsize; j++) {
	+ 				db[j].db_flag = 0;
	  			}
	  		}
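	Review bot: The loop starts at `dbentries` rather than at the pre-realloc() `dbsize`, which is safe only if the table is kept packed, i.e. no valid entry ever sits at an index >= `dbentries`; if deletions can leave gaps, this would wipe live entries. Starting at the previous `dbsize` (or clearing the new tail with memset() right after the realloc()) covers exactly the uninitialised slots regardless of packing, and as in the earlier hunk it needs `dbsize` to hold the new size before the loop. Same comment typo: "freshly allocated entries".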
  


