huh -

On a sun box:

donsharp-u5:169> cvs -f diff -C111111111111 checkin.c
Index: checkin.c
===================================================================
RCS file: /home2/cvsroot/ccvs/src/checkin.c,v
retrieving revision 1.41
diff -C111111111111 -r1.41 checkin.c
cvs [server aborted]: out of memory; can not allocate 4294967232 bytes

donsharp-u5:164> cvs -v

Concurrent Versions System (CVS) 1.11.1.1 (client/server)

Copyright (c) 1989-2001 Brian Berliner, david d `zoo' zuhn,
                        Jeff Polk, and other authors

CVS may be copied only under the terms of the GNU General Public License,
a copy of which can be found with the CVS distribution kit.

Specify the --help option for further information about CVS
donsharp-u5:165>

donsharp-u5:165> uname -a
SunOS donsharp-u5 5.6 Generic_105181-15 sun4u sparc SUNW,Ultra-5_10
donsharp-u5:166

On a linux box:

[sharpdyonk src]$ cvs -f diff -C111111111111 checkin.c
Index: checkin.c
===================================================================
RCS file: /work/repository/ccvs/src/checkin.c,v
retrieving revision 1.1.1.1
diff -C111111111111 -r1.1.1.1 checkin.c
cvs [diff aborted]: out of memory; can not allocate 4294967232 bytes
[sharpdyonk src]$
[sharpdyonk src]$ cvs -v

Concurrent Versions System (CVS) 1.11.1.1 (client/server)

Copyright (c) 1989-2001 Brian Berliner, david d `zoo' zuhn,
                        Jeff Polk, and other authors

CVS may be copied only under the terms of the GNU General Public License,
a copy of which can be found with the CVS distribution kit.

Specify the --help option for further information about CVS
[sharpdyonk src]$ uname -a
Linux yonk.pinkbelly.org 2.4.8-26mdk #1 Sun Sep 23 17:06:39 CEST 2001 i686 unknown

I have insufficient memory. But why would you expect this to be a
security hole?

donald

On Fri, Feb 22, 2002 at 09:34:00AM -0800, Crist J. Clark wrote:
> On Thu, Feb 21, 2002 at 10:21:05AM -0500, Larry Jones wrote:
> [snip]
>
> > > This is 1.10.7-7; do you have the patch for this problem handy?
> >
> > The best fix is to upgrade to a reasonably current release of CVS, which
> > you can get from www.cvshome.org. The current release is 1.11.1p1. If
> > you insist on patching an obsolete version:
>
> Well, if that was his problem, there still appears to be one.
>
> $ cvs -v
>
> Concurrent Versions System (CVS) 1.11.1p1-FreeBSD (client/server)
>
> Copyright (c) 1989-2001 Brian Berliner, david d `zoo' zuhn,
> Jeff Polk, and other authors
>
> CVS may be copied only under the terms of the GNU General Public License,
> a copy of which can be found with the CVS distribution kit.
>
> Specify the --help option for further information about CVS
>
> Which looks like the current release. This is a FreeBSD 4.5-RELEASE
> system, BTW. And I get,
>
> $ cvs -f diff -C111111111111 ip_fw.c
> Index: ip_fw.c
> ===================================================================
> RCS file: /export/ncvs/src/sys/netinet/ip_fw.c,v
> retrieving revision 1.131.2.31
> diff -C111111111111 -r1.131.2.31 ip_fw.c
> Segmentation fault (core dumped)
>
> The fault is not at the code you quoted, but I'm seg faulting,
>
> (gdb) run -fq diff -C`perl -e 'print "1" x 11'` /export/current/src/sys/netinet/ip_fw.c
> Starting program: /var/tmp/export/stable/src/gnu/usr.bin/cvs/cvs/cvs -fq diff -C`perl -e 'print "1" x 11'` /export/current/src/sys/netinet/ip_fw.c
> Index: /export/current/src/sys/netinet/ip_fw.c
> ===================================================================
> RCS file: /export/ncvs/src/sys/netinet/ip_fw.c,v
> retrieving revision 1.181
> diff -C11111111111 -r1.181 ip_fw.c
>
> Program received signal SIGSEGV, Segmentation fault.
> 0x8099b7e in discard_confusing_lines (filevec=0xbfbff38c)
> at /export/stable/src/gnu/usr.bin/cvs/libdiff/../../../../contrib/cvs/diff/analyze.c:431
> (gdb)
>
> Sorry, I have not looked in to it more closely than this.
> --
> Crist J. Clark | cjclarkalum.mit.edu
> | cjclarkjhu.edu
> http://people.freebsd.org/~cjc/ | cjcfreebsd.org
>
> _______________________________________________
> Bug-cvs mailing list
> Bug-cvsgnu.org
> http://mail.gnu.org/mailman/listinfo/bug-cvs

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]