Hi.

I found a bug in token_compare() defined in
subversion/libsvn_diff/diff_file.c.
When reading a token from a file, the offset of the normalized token
and the length before normalization are used.
This causes reads that exceed the file size or comparisons beyond the
end-of-line.
The attached patch fixes this.

How to reproduce
----------------
$ dd if=/dev/zero bs=1k count=128 | tr '\0' '\n' > cmp1
$ printf '    @@@\n' | dd of=cmp1 bs=8 seek=16383 conv=notrunc
$ dd if=/dev/zero bs=1k count=128 | tr '\0' '\n' > cmp2
$ printf '     @@@\n' | dd of=cmp2 bs=8 seek=16383 conv=notrunc
$ hexdump -C  cmp1
00000000  0a 0a 0a 0a 0a 0a 0a 0a  0a 0a 0a 0a 0a 0a 0a 0a  |................|
*
0001fff0  0a 0a 0a 0a 0a 0a 0a 0a  20 20 20 20 40 40 40 0a  |........    @@@.|
00020000
$ hexdump -C cmp2
00000000  0a 0a 0a 0a 0a 0a 0a 0a  0a 0a 0a 0a 0a 0a 0a 0a  |................|
*
0001fff0  0a 0a 0a 0a 0a 0a 0a 0a  20 20 20 20 20 40 40 40  |........     @@@|
00020000  0a                                                |.|
00020001
$ svn di -x -b --old=cmp1 --new=cmp2
$ svn di -x -w --old=cmp1 --new=cmp2
subversion/svn/diff-cmd.c:383: (apr_err=70014)
subversion/libsvn_client/diff.c:2994: (apr_err=70014)
subversion/libsvn_client/diff.c:2086: (apr_err=70014)
subversion/libsvn_client/diff.c:2031: (apr_err=70014)
subversion/libsvn_client/diff.c:1717: (apr_err=70014)
subversion/libsvn_client/diff.c:958: (apr_err=70014)
subversion/libsvn_client/diff.c:853: (apr_err=70014)
subversion/libsvn_diff/diff_file.c:1267: (apr_err=70014)
subversion/libsvn_diff/diff.c:169: (apr_err=70014)
subversion/libsvn_diff/token.c:179: (apr_err=70014)
subversion/libsvn_diff/token.c:105: (apr_err=70014)
subversion/libsvn_diff/diff_file.c:1065: (apr_err=70014)
subversion/libsvn_subr/io.c:3222: (apr_err=70014)
svn: E070014: Can't read file '/tmp/cmp2': End of file found

$ dd if=/dev/zero bs=1k count=128 | tr '\0' '\n' > cmp3
$ printf '    @@@\naaaaaaa\n' | dd of=cmp3 bs=8 seek=16383 conv=notrunc
$ dd if=/dev/zero bs=1k count=128 | tr '\0' '\n' > cmp4
$ printf '     @@@\nbbbbbbb\n' | dd of=cmp4 bs=8 seek=16383 conv=notrunc
$ hexdump -C cmp3
00000000  0a 0a 0a 0a 0a 0a 0a 0a  0a 0a 0a 0a 0a 0a 0a 0a  |................|
*
0001fff0  0a 0a 0a 0a 0a 0a 0a 0a  20 20 20 20 40 40 40 0a  |........    @@@.|
00020000  61 61 61 61 61 61 61 0a                           |aaaaaaa.|
00020008
$ hexdump -C cmp4
00000000  0a 0a 0a 0a 0a 0a 0a 0a  0a 0a 0a 0a 0a 0a 0a 0a  |................|
*
0001fff0  0a 0a 0a 0a 0a 0a 0a 0a  20 20 20 20 20 40 40 40  |........     @@@|
00020000  0a 62 62 62 62 62 62 62  0a                       |.bbbbbbb.|
00020009
$ svn di -x -b --old=cmp3 --new=cmp4
Index: cmp4
===================================================================
--- cmp4        (.../cmp3)      (working copy)
+++ cmp4        (.../cmp4)      (working copy)
@@ -131063,4 +131063,4 @@


     @@@
-aaaaaaa
+bbbbbbb
$  svn di -x -w --old=cmp3 --new=cmp4
Index: cmp4
===================================================================
--- cmp4        (.../cmp3)      (working copy)
+++ cmp4        (.../cmp4)      (working copy)
@@ -131062,5 +131062,5 @@



-    @@@
-aaaaaaa
+     @@@
+bbbbbbb

-- 
Hideki IWAMOTO <hideki.iwam...@gaia.eonet.ne.jp>

Attachment: token_compare-log.txt
Description: Binary data

Attachment: token_compare-trunk.patch
Description: Binary data
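
The offset/length mismatch described in the report, worked through with the byte positions from the hexdumps above. This is an added example, not part of the original post, the attached patch, or Subversion's code; the struct, its field names and the helper functions are hypothetical, and the only normalization modelled is skipping leading blanks.

```c
#include <stdio.h>

/* Hypothetical line-token model; field names are illustrative, not Subversion's. */
struct token {
    long offset;      /* file offset of the raw line */
    long raw_length;  /* raw line length, whitespace and EOL included */
    long norm_offset; /* file offset of the first non-whitespace byte */
};

/* Tokenize one line found at file offset `base`, skipping leading blanks
   the way an "ignore whitespace" comparison would. */
struct token make_token(const char *line, long len, long base)
{
    long skip = 0;
    while (skip < len && (line[skip] == ' ' || line[skip] == '\t'))
        skip++;
    struct token t = { base, len, base + skip };
    return t;
}

/* Bytes of [start, start+count) that lie beyond `limit` (0 if none). */
static long beyond(long start, long count, long limit)
{
    long end = start + count;
    return end > limit ? end - limit : 0;
}

/* Mixed pair from the report: normalized offset + pre-normalization length. */
long mixed_past_eof(struct token t, long file_size)
{ return beyond(t.norm_offset, t.raw_length, file_size); }

long mixed_past_eol(struct token t)
{ return beyond(t.norm_offset, t.raw_length, t.offset + t.raw_length); }

/* Consistent pair: raw offset + raw length never leaves the line. */
long raw_past_eof(struct token t, long file_size)
{ return beyond(t.offset, t.raw_length, file_size); }

int main(void)
{
    /* Constructed from the hexdumps above: the last line starts at 0x1fff8. */
    struct token t2 = make_token("     @@@\n", 9, 0x1fff8); /* cmp2, size 0x20001 */
    struct token t4 = make_token("     @@@\n", 9, 0x1fff8); /* cmp4, size 0x20009 */
    printf("cmp2: mixed read needs %ld bytes past EOF, raw read %ld\n",
           mixed_past_eof(t2, 0x20001), raw_past_eof(t2, 0x20001));
    printf("cmp4: mixed read is %ld past EOF but takes %ld bytes of the next line\n",
           mixed_past_eof(t4, 0x20009), mixed_past_eol(t4));
    return 0;
}
```

For cmp2 the mixed read would end at 0x20006 in a file of 0x20001 bytes, which lines up with the end-of-file error in the report; for cmp4 the same read stays inside the file but spills into the following line.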
