memcached bugreport

[Brad Fitzpatrick]

Thomas,

I see what you mean now, thanks!  Checking in the fix now & will give you
credit...

This warrants putting out a new release.  I wonder how many people have
gotten bitten by this.  :)

- Brad


On Sat, 17 Mar 2007, Thomas van Gulick wrote:

> 1.2.0 uses do_realloc, svn trunk version does reallocation 'inline' in the
> conn_shrunk().
>
> The argument to these reallocs() in the svn trunk version is incorrect.
>
> The realloc of c->rbuf on line 463 is correct, but the reallocs of ilist
> (line 474), msglist (line 483) and iov (line 492) are not, they're in the
> form:
>
> realloc((void*)&c->ilist, ...)
>
> instead of
>
> realloc((void*)c->ilist, ... )
>
> Due to the cast, there are not warnings.
> I've changed all three problems and am now running svn trunk memcached on a
> production server without any problems.
> I could supply a patch file, but you only need to remove 3 ampersands :)
>
> Thomas
>
> ----- Original Message -----
> From: "Brad Fitzpatrick" <brad at danga.com>
> To: "Thomas van Gulick" <thomas at partyflock.nl>
> Sent: Saturday, March 17, 2007 23:32
> Subject: Re: memcached bugreport
>
>
> > Thomas,
> >
> > Did you see that it's do_realloc() and not realloc()?
> >
> > See the implementation of do_realloc() above conn_shrink().
> >
> > You might be right still, but please confirm before I look into this more.
> >
> > - Brad
> >
> >
> > On Sat, 17 Mar 2007, Thomas van Gulick wrote:
> >
> >> Hi Brad!
> >>
> >> Found the problem...
> >>
> >> In memcached.c, in the conn_shrink() function ilist, msglist and iov are
> >> improperly reallocated.
> >> It's using the addresses of the pointers instead of the pointers
> >> themselves
> >> as argument to realloc!
> >>
> >> Thomas
> >> --
> >>
> >>
> >>
> >
> >
>
>