Backport #8431

File.read() crash on Win32SP3 32bit

Added by galnaktar (Oleg K) over 6 years ago. Updated over 6 years ago.

Status: Closed
Priority: Normal
[ruby-core:55098]

Description

Open an existing empty file, seek to 0xFFFFFFFF (4294967295) and try to read 1 byte.

c:\Ruby200\bin>irb
DL is deprecated, please use Fiddle
irb(main):001:0> f = File.open("1", "w")
=> #<File:1>
irb(main):002:0> f.close
=> nil
irb(main):003:0> f = File.open("1", "rb")
=> #<File:1>
irb(main):004:0> f.seek(4294967295)
=> 0
irb(main):005:0> f.read(1)
(irb):5: [BUG] rb_sys_fail_str(1) - errno == 0
ruby 2.0.0p195 (2013-05-14) [i386-mingw32]

-- Control frame information -----------------------------------------------
c:0019 p:---- s:0076 e:000075 CFUNC :read
c:0018 p:0007 s:0072 e:000071 EVAL (irb):5 [FINISH]
c:0017 p:---- s:0070 e:000069 CFUNC :eval
c:0016 p:0024 s:0063 e:000062 METHOD c:/Ruby200/lib/ruby/2.0.0/irb/workspace.rb:

Associated revisions

Revision a815b56d
Added by nobu (Nobuyoshi Nakada) over 6 years ago

win32.c: check error of SetFilePointer

  • win32/win32.c (setup_overlapped): check the error code in addition to the result of SetFilePointer() to determine if an error occurred, because INVALID_SET_FILE_POINTER is a valid value. [ruby-core:55098] [Bug #8431]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40888 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision ded54cb8
Added by nobu (Nobuyoshi Nakada) over 6 years ago

test_io.rb: test for write

  • test/ruby/test_io.rb (TestIO#test_write_32bit_boundary): add test for write part. [ruby-core:55098] [Bug #8431]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@40894 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision e377d3bb
Added by nagachika (Tomoyuki Chikanaga) over 6 years ago

merge revision(s) 40887,40888,40894,40896: [Backport #8431]

    * win32/win32.c (setup_overlapped, finish_overlapped): extract from
      rb_w32_read() and rb_w32_write().

    * win32/win32.c (setup_overlapped): check the error code in addition
      to the result of SetFilePointer() to determine if an error occurred,
      because INVALID_SET_FILE_POINTER is a valid value.
      [ruby-core:55098] [Bug #8431]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@41056 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 6ef15ce5
Added by usa (Usaku NAKAMURA) over 6 years ago

merge revision(s) 40887,40888,40894,40896: [Backport #8431]

    * win32/win32.c (setup_overlapped, finish_overlapped): extract from
      rb_w32_read() and rb_w32_write().

    * win32/win32.c (setup_overlapped): check the error code in addition
      to the result of SetFilePointer() to determine if an error occurred,
      because INVALID_SET_FILE_POINTER is a valid value.
      [ruby-core:55098] [Bug #8431]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_3@41082 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

History

Updated by phasis68 (Heesob Park) over 6 years ago

This bug is due to invalid error checking of the SetFilePointer function.
The constant INVALID_SET_FILE_POINTER is defined as (DWORD)-1 and is the same as 0xFFFFFFFF (4294967295).

I can see the following sentences in the documentation of the SetFilePointer function:
Because INVALID_SET_FILE_POINTER is a valid value for the low-order DWORD of the new file pointer, you must check both the return value of the function and the error code returned by GetLastError to determine whether or not an error has occurred. If an error has occurred, the return value of SetFilePointer is INVALID_SET_FILE_POINTER and GetLastError returns a value other than NO_ERROR.

Refer to http://msdn.microsoft.com/en-us/library/windows/desktop/aa365541(v=vs.85).aspx

Here is a patch:
diff --git a/win32.c b/win32.c.new
index 318af2f..79a49d4 100644
--- a/win32.c
+++ b/win32.c.new
@@ -6084,8 +6084,8 @@ rb_w32_read(int fd, void *buf, size_t size)
#ifndef INVALID_SET_FILE_POINTER
#define INVALID_SET_FILE_POINTER ((DWORD)-1)
#endif

  • if (low == INVALID_SET_FILE_POINTER) {
  • errno = map_errno(GetLastError());
  • if (low == INVALID_SET_FILE_POINTER && (err = GetLastError()) != NO_ERROR) {
  • errno = map_errno(err); MTHREAD_ONLY(LeaveCriticalSection(&_pioinfo(fd)->lock)); return -1; } @@ -6228,8 +6228,8 @@ rb_w32_write(int fd, const void *buf, size_t size) #ifndef INVALID_SET_FILE_POINTER #define INVALID_SET_FILE_POINTER ((DWORD)-1) #endif
  • if (low == INVALID_SET_FILE_POINTER) {
  • errno = map_errno(GetLastError());
  • if (low == INVALID_SET_FILE_POINTER && (err = GetLastError()) != NO_ERROR) {
  • errno = map_errno(err); MTHREAD_ONLY(LeaveCriticalSection(&_pioinfo(fd)->lock)); return -1; }
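
Review bot: In the rb_w32_read hunk the new condition assigns to `err`, but no declaration of `err` is visible in the hunk or its context lines. Confirm that a `DWORD err` is in scope in rb_w32_read, or declare it next to the check, so the value passed to map_errno() is the same one that was compared against NO_ERROR.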
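
Review bot: The rb_w32_write hunk repeats the condition and the cleanup lines of the rb_w32_read hunk verbatim, so the two copies can drift if only one is patched later. Consider moving the SetFilePointer() call together with its `low == INVALID_SET_FILE_POINTER && err != NO_ERROR` check into one helper that both functions call.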

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r40888.
Oleg, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


win32.c: check error of SetFilePointer

  • win32/win32.c (setup_overlapped): check the error code in addition to the result of SetFilePointer() to determine if an error occurred, because INVALID_SET_FILE_POINTER is a valid value. [ruby-core:55098] [Bug #8431]

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Backport changed from 1.9.3: UNKNOWN, 2.0.0: UNKNOWN to 1.9.3: REQUIRED, 2.0.0: REQUIRED

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Assignee changed from cruby-windows to nagachika (Tomoyuki Chikanaga)
  • Tracker changed from Bug to Backport
  • Project changed from Ruby master to Backport200
  • Category deleted (platform/windows)
  • Status changed from Closed to Assigned

Updated by phasis68 (Heesob Park) over 6 years ago

The change set r40888 is not complete.
As I pointed out in the above patch, there are two SetFilePointer checks.
The invalid SetFilePointer check still remains in the rb_w32_write function.

Here is the write part segfault.

C:\Users\phasis>irb
DL is deprecated, please use Fiddle
irb(main):001:0> f = File.open('a','wb')
=> #<File:a>
irb(main):002:0> f.seek(0xffffffff)
=> 0
irb(main):003:0> f.write('1')
=> 1
irb(main):004:0> f.tell
(irb):4: [BUG] rb_sys_fail() - errno == 0
ruby 2.0.0p195 (2013-05-14) [i386-mingw32]

-- Control frame information -----------------------------------------------
c:0019 p:---- s:0075 e:000074 CFUNC :tell
c:0018 p:0006 s:0072 e:000071 EVAL (irb):4 [FINISH]
c:0017 p:---- s:0070 e:000069 CFUNC :eval
c:0016 p:0024 s:0063 e:000062 METHOD C:/Ruby200/lib/ruby/2.0.0/irb/workspace.rb:86
c:0015 p:0025 s:0056 e:000054 METHOD C:/Ruby200/lib/ruby/2.0.0/irb/context.rb:380
c:0014 p:0022 s:0050 e:000049 BLOCK C:/Ruby200/lib/ruby/2.0.0/irb.rb:492
c:0013 p:0040 s:0042 e:000041 METHOD C:/Ruby200/lib/ruby/2.0.0/irb.rb:624
c:0012 p:0009 s:0037 e:000036 BLOCK C:/Ruby200/lib/ruby/2.0.0/irb.rb:489
c:0011 p:0118 s:0033 e:000032 BLOCK C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:247 [FINISH]
c:0010 p:---- s:0030 e:000029 CFUNC :loop
c:0009 p:0007 s:0027 e:000026 BLOCK C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:233 [FINISH]
c:0008 p:---- s:0025 e:000024 CFUNC :catch
c:0007 p:0015 s:0021 e:000020 METHOD C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:232
c:0006 p:0030 s:0018 E:000564 METHOD C:/Ruby200/lib/ruby/2.0.0/irb.rb:488
c:0005 p:0008 s:0015 e:000014 BLOCK C:/Ruby200/lib/ruby/2.0.0/irb.rb:397 [FINISH]
c:0004 p:---- s:0013 e:000012 CFUNC :catch
c:0003 p:0143 s:0009 E:0000d4 METHOD C:/Ruby200/lib/ruby/2.0.0/irb.rb:396
c:0002 p:0031 s:0004 E:001d0c EVAL C:/Ruby200/bin/irb:12 [FINISH]
c:0001 p:0000 s:0002 E:0023dc TOP [FINISH]

C:/Ruby200/bin/irb:12:in `<main>'
C:/Ruby200/lib/ruby/2.0.0/irb.rb:396:in `start'
C:/Ruby200/lib/ruby/2.0.0/irb.rb:396:in `catch'
C:/Ruby200/lib/ruby/2.0.0/irb.rb:397:in `block in start'
C:/Ruby200/lib/ruby/2.0.0/irb.rb:488:in `eval_input'
C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:232:in `each_top_level_statement'
C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:232:in `catch'
C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:233:in `block in each_top_level_statement'
C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:233:in `loop'
C:/Ruby200/lib/ruby/2.0.0/irb/ruby-lex.rb:247:in `block (2 levels) in each_top_level_statement'
C:/Ruby200/lib/ruby/2.0.0/irb.rb:489:in `block in eval_input'
C:/Ruby200/lib/ruby/2.0.0/irb.rb:624:in `signal_status'
C:/Ruby200/lib/ruby/2.0.0/irb.rb:492:in `block (2 levels) in eval_input'
C:/Ruby200/lib/ruby/2.0.0/irb/context.rb:380:in `evaluate'
C:/Ruby200/lib/ruby/2.0.0/irb/workspace.rb:86:in `evaluate'
C:/Ruby200/lib/ruby/2.0.0/irb/workspace.rb:86:in `eval'
(irb):4:in `irb_binding'
(irb):4:in `tell'

Updated by luislavena (Luis Lavena) over 6 years ago

  • Assignee changed from nagachika (Tomoyuki Chikanaga) to nobu (Nobuyoshi Nakada)
  • % Done changed from 100 to 50

nobu-san, do you want me to commit the missing fix?


Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Tracker changed from Backport to Bug
  • Project changed from Backport200 to Ruby master
  • Status changed from Assigned to Open

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Category set to platform/windows
  • ruby -v set to 2.1.0

Oops, [Backport] ticket can't catch the commit on trunk?
I added the test for write at r80894 now.

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • % Done changed from 50 to 100

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Backport set to 1.9.3: REQUIRED, 2.0.0: REQUIRED

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Tracker changed from Bug to Backport
  • Project changed from Ruby master to Backport200
  • Category deleted (platform/windows)
  • Status changed from Open to Assigned
  • Assignee changed from nobu (Nobuyoshi Nakada) to nagachika (Tomoyuki Chikanaga)

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

Calls to SetFilePointer() are extracted as a new function at r40887, and r40888 fixed it.
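
The sentinel ambiguity fixed in this thread, as an added example that is not Ruby's win32.c code: SetFilePointer() is replaced by a hypothetical mock so the old and new checks can be compared on any platform (`mock_set_file_pointer`, `last_error` and `seek_to` are illustrative names, and the Windows constants are redefined locally). With the sentinel-only check, a successful seek to 0xFFFFFFFF is reported as a failure whose error code is 0, consistent with the `errno == 0` in the crash output above.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins so the example builds anywhere; on Windows these
 * names come from <windows.h>. */
typedef uint32_t DWORD;
#define INVALID_SET_FILE_POINTER ((DWORD)-1)
#define NO_ERROR 0u
#define ERROR_NEGATIVE_SEEK 131u

static DWORD last_error;              /* plays the role of GetLastError() */

/* Hypothetical mock of SetFilePointer(h, low, &high, FILE_BEGIN): returns the
 * low DWORD of the new position, or the sentinel on a genuine failure. */
static DWORD mock_set_file_pointer(int64_t target, int32_t *high)
{
    if (target < 0) {
        last_error = ERROR_NEGATIVE_SEEK;
        return INVALID_SET_FILE_POINTER;
    }
    last_error = NO_ERROR;
    *high = (int32_t)(target >> 32);
    return (DWORD)(target & 0xFFFFFFFF);
}

/* check_code == 0: the check before the fix (sentinel alone means failure).
 * check_code == 1: the fixed check (sentinel AND a non-zero error code).
 * *err receives the code a caller would map to errno. */
int seek_to(int64_t target, int check_code, uint64_t *pos, DWORD *err)
{
    int32_t high = 0;
    DWORD low = mock_set_file_pointer(target, &high);
    *err = last_error;
    if (low == INVALID_SET_FILE_POINTER && (!check_code || *err != NO_ERROR))
        return -1;
    *pos = ((uint64_t)(uint32_t)high << 32) | low;
    return 0;
}

int main(void)
{
    uint64_t pos = 0;
    DWORD err = 0;
    int rc = seek_to(0xFFFFFFFFLL, 0, &pos, &err);
    printf("sentinel only: rc=%d err=%u\n", rc, (unsigned)err);
    rc = seek_to(0xFFFFFFFFLL, 1, &pos, &err);
    printf("with error code: rc=%d pos=%llu\n", rc, (unsigned long long)pos);
    return 0;
}
```

Any offset whose low 32 bits are all ones, such as 0x1FFFFFFFF, hits the same false failure, not only 0xFFFFFFFF.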


Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Tracker changed from Backport to Bug
  • Project changed from Backport200 to Ruby master

Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Category set to platform/windows
  • Backport set to 1.9.3: REQUIRED, 2.0.0: REQUIRED
  • ruby -v set to 2.1.0

r40896 is needed too.


Updated by nobu (Nobuyoshi Nakada) over 6 years ago

  • Tracker changed from Bug to Backport
  • Project changed from Ruby master to Backport200
  • Category deleted (platform/windows)

Updated by nagachika (Tomoyuki Chikanaga) over 6 years ago

  • Status changed from Assigned to Closed

This issue was solved with changeset r41056.
Oleg, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


merge revision(s) 40887,40888,40894,40896: [Backport #8431]

* win32/win32.c (setup_overlapped, finish_overlapped): extract from
  rb_w32_read() and rb_w32_write().

* win32/win32.c (setup_overlapped): check the error code in addition
  to the result of SetFilePointer() to determine if an error occurred,
  because INVALID_SET_FILE_POINTER is a valid value.
  [ruby-core:55098] [Bug #8431]

Updated by nagachika (Tomoyuki Chikanaga) over 6 years ago

  • Project changed from Backport200 to Backport193
  • Status changed from Closed to Assigned
  • Assignee changed from nagachika (Tomoyuki Chikanaga) to usa (Usaku NAKAMURA)

backport for 1.9.3 is also required?


Updated by usa (Usaku NAKAMURA) over 6 years ago

  • Status changed from Assigned to Closed

This issue was solved with changeset r41082.
Oleg, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


merge revision(s) 40887,40888,40894,40896: [Backport #8431]

* win32/win32.c (setup_overlapped, finish_overlapped): extract from
  rb_w32_read() and rb_w32_write().

* win32/win32.c (setup_overlapped): check the error code in addition
  to the result of SetFilePointer() to determine if an error occurred,
  because INVALID_SET_FILE_POINTER is a valid value.
  [ruby-core:55098] [Bug #8431]
