[Rpm-maint] Problems in rpmstrPoolRehash function

Wed Sep 11 17:09:29 UTC 2013

Hi rpm Maintainers,

I think I've found two bugs in the rpmstrPoolRehash() function:

 1) IMHO there's an off-by-one in the for loop: pool->offs_size is
    the last used id, thus it should be "<=" instead of "<".

 2) the function should to skip the "dummy" entries that are put
    at the end of each chunk.

A chunk looks like this:

foo\0bar\0...\0baz\0
^    ^    ^    ^    ^

The dummy entry is there to make rpmstrPoolStrlen() work.
Putting it in the hash is wrong. I've changed the code so that:

- \0 is written to where the dummy entries point (not strictly
  needed as chunks are allocated with calloc, but nevertheless
  good style).
- the rpmstrPoolRehash() loop checks if the string is of size
  zero (true for dummy entries). If that's the case it checks
  if the next string does not start after the \0, if that's
  also true it is a dummy entry.

There are different (and easier) ways to fix this:

- you can always put an empty string into the pool, it would always
  have id 1. This simplifies the dummy entry check to:
      if (i != 1 && str[0] == 0)

- you could get rid of the dummy entries and remove the
  rpmstrPoolStrlen() function. It's only used 5 times in the code
  and calling strlen() on the returned string does not cost much.

Hmm, I just see that the code in rpmfc.c also loops over the ids
including the dummy entries. Oh my. rpmfcApply() should at least
ignore "" entries. And it seems to modify the string returned
from the strpool. Oh my again. (But using strtol() to convert
a "const char *" to a "char *" is clever.)

Cheers,
  Michael.

-- 
Michael Schroeder                                   mls at suse.de
SUSE LINUX Products GmbH,  GF Jeff Hawn, HRB 16746 AG Nuernberg
main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: strpoolrehash.diff
Type: text/x-patch
Size: 1743 bytes
Desc: not available
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20130911/ce988e05/attachment.bin>