Project

General

Profile

Actions

Bug #7957

closed

rb_str_modify() does not prevent shared string from rb_str_set_len()

Added by normalperson (Eric Wong) over 11 years ago. Updated over 11 years ago.

Status:
Third Party's Issue
Target version:
ruby -v:
ruby 2.0.0p0 (2013-02-24 revision 39474) [x86_64-linux]
Backport:
[ruby-core:52876]

Description

unicorn HTTP chunk parser may raise "can't set length of shared string (RuntimeError)" in rb_str_set_len().
However, it does call rb_str_modify() before calling rb_str_set_len().

To reproduce:
git clone git://bogomips.org/unicorn
cd unicorn
gem install isolate # needed for unicorn dependencies
git reset --hard v4.6.1
make http # build HTTP parser (needs ragel installed: apt-get install ragel)
ruby -I lib str_modify.rb # failure, raises

apply unicorn_http.patch

patch -p1 < unicorn_http.patch
make http # rebuild parser
ruby -I lib str_modify.rb # success (no output)

In my proposed patch, I call rb_str_resize() instead of rb_str_set_len() and that seems to
work around the issue. I even call rb_str_modify() an extra time before rb_str_set_len(),
but rb_str_set_len() still raises...


Files

str_modify.rb (408 Bytes) str_modify.rb script to reproduce the issue (requires unicorn) normalperson (Eric Wong), 02/25/2013 09:54 PM
unicorn_http.patch (931 Bytes) unicorn_http.patch proposed patch to unicorn normalperson (Eric Wong), 02/25/2013 09:54 PM

Updated by ko1 (Koichi Sasada) over 11 years ago

  • Category set to core
  • Assignee set to nobu (Nobuyoshi Nakada)
  • Priority changed from Normal to 5
  • Target version set to 2.1.0

Updated by normalperson (Eric Wong) over 11 years ago

I will try to make a standalone test case which does not depend on
the Ragel parser.

Updated by normalperson (Eric Wong) over 11 years ago

sorry for the noise. It turns out unicorn has a build system bug.

Updated by usa (Usaku NAKAMURA) over 11 years ago

  • Status changed from Open to Third Party's Issue

Updated by normalperson (Eric Wong) over 11 years ago

This is definitely not a ruby bug, fixed in unicorn v4.6.2
(commit f7ee06592d7709e96f64efb5e7a9485b54415c9d)

Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0