Closed Bug 492170 Opened 11 years ago Closed 11 years ago
Crash or data corruption in NSPR's Transmit
File and Send File on HPUX
While working on bug 439144, by code inspection, Wan-Teh found a nasty bug in a routine common to NSPR sendfile and transmit file on HPUX only. This may well have been causing crashes or data corruption in sent files. The patch he wrote for it is: >@@ -1012,17 +1012,17 @@ static PRBool pt_hpux_sendfile_cont(pt_C >- hdtrl.iov_base = ((char *) hdtrl.iov_len) + count; >+ hdtrl.iov_base = ((char *) hdtrl.iov_base) + count; > hdtrl.iov_len -= count;
This bug was introduced in NSPR 3.5 in 1999, and has been present in all version of NSPR for HPUX produced since then.
Version: 4.6 → 3.5
I guess it's extremely rare for a non-blocking sendfile call to be unable to send the entire header before blocking, which is why we haven't seen reports of this crash.
Attachment #376582 - Flags: review?(nelson)
Comment on attachment 376582 [details] [diff] [review] Proposed patch r=nelson
Attachment #376582 - Flags: review?(nelson) → review+
I checked in the patch on the NSPR trunk (NSPR 4.8). Checking in ptio.c; /cvsroot/mozilla/nsprpub/pr/src/pthreads/ptio.c,v <-- ptio.c new revision: 3.113; previous revision: 3.112 done
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Whiteboard: [consider for 4.7.5]
Target Milestone: --- → 4.8
I backported the patch (attachment 376582 [details] [diff] [review]) to the NSPR_4_7_BRANCH for NSPR 4.7.5. Checking in ptio.c; /cvsroot/mozilla/nsprpub/pr/src/pthreads/ptio.c,v <-- ptio.c new revision: 22.214.171.124; previous revision: 3.110 done
Whiteboard: [consider for 4.7.5] → [4.7.5]
You need to log in before you can comment on or make changes to this bug.