https://bugs.kde.org/show_bug.cgi?id=493393

Rongrong <i...@rong.moe> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |i...@rong.moe

--- Comment #3 from Rongrong <i...@rong.moe> ---
I reproduced the issue on Debian sid (akonadi-server 24.12.3) and GDB'd
akonadi-db-migrator.

I soon noticed that the return value of `SchemaVersion::retrieveAll(store)'
was an empty QList. This was probably because the migration destination was a
newly created database, hence all tables were empty at that time.

{
  <QListSpecialMethods<Akonadi::Server::SchemaVersion>> = {
    <QListSpecialMethodsBase<Akonadi::Server::SchemaVersion>> = {<No data
fields>}, <No data fields>},
  members of QList<Akonadi::Server::SchemaVersion>:
  d = {
    d = 0x0,
    ptr = 0x0,
    size = 0
  }
}

Then, `.at(0)' immediately extracted a NULL pointer as it never does a bounds
check (as per https://doc.qt.io/qt-6/qlist.html#at). The NULL pointer was
therefore passed to the copy constructor of `Akonadi::Server::SchemaVersion'.

#0  Akonadi::Server::SchemaVersion::SchemaVersion
(this=this@entry=0x7ffff25fe0e0, other=...) at
./obj-x86_64-linux-gnu/src/server/entities.cpp:99
#1  0x000055555560b31b in Akonadi::Server::DbInitializer::run
(this=0x7fffec037d80) at
/usr/include/x86_64-linux-gnu/qt6/QtCore/qarraydatapointer.h:120
#2  0x00005555555de42e in Akonadi::Server::DataStore::init
(this=0x7fffec0853c0) at
/usr/include/x86_64-linux-gnu/qt6/QtCore/qsharedpointer_impl.h:274
#3  0x00005555555c27d2 in (anonymous namespace)::prepareDatabase
(config=config@entry=0x7fffec00ab60) at
./src/server/dbmigrator/dbmigrator.cpp:194
#4  0x00005555555c9341 in Akonadi::Server::DbMigrator::runMigrationThread
(this=this@entry=0x7fffffffd490) at ./src/server/dbmigrator/dbmigrator.cpp:533
[...]

I am not familiar with Akonadi. I guess there are two appropriate ways to fix
it:
  1. Create a SchemaVersion record immediately after the creation of a new
database;
  2. Use `QList::value(0)', which returns a default-constructed value on
out-of-bound index.

Could someone familiar with Akonadi fix it (or tell me the appropriate way to
fix it so that I can submit an MR)?
