samba.git/lib/talloc/talloc.c, branch talloc-2.2.0 Unnamed repository; edit this file 'description' to name the repository. talloc: Fix alignment issues for casting pointers 2019-03-19T12:38:50+00:00 Andreas Schneider asn@samba.org 2018-10-12T09:58:26+00:00 b2c2c4c3e6c4538c62cbcf03923bd7536292f7e9 warning: cast from 'char *' to 'struct talloc_chunk *' increases required alignment from 1 to 8 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Tue Mar 19 12:38:50 UTC 2019 on sn-devel-144 
warning: cast from 'char *' to 'struct talloc_chunk *' increases required
alignment from 1 to 8

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Tue Mar 19 12:38:50 UTC 2019 on sn-devel-144
lib:talloc: Fix undefined behavior in talloc_memdup 2018-12-12T17:34:10+00:00 Andreas Schneider asn@samba.org 2018-11-22T15:10:39+00:00 eabe6d534c5c8c6ca38f3dc846f17aad6395da8c lib/talloc/talloc.c:2419: runtime error: null pointer passed as argument 2, which is declared to never be null Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> 
lib/talloc/talloc.c:2419: runtime error: null pointer passed as argument
2, which is declared to never be null

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
talloc: use atexit() again instead of a library destructor 2018-04-05T11:01:20+00:00 Stefan Metzmacher metze@samba.org 2018-04-03T11:13:01+00:00 03124c85f1141f1e57398e526f38798b6f1fa741 The change for https://bugzilla.samba.org/show_bug.cgi?id=7587 ("talloc_autofree_context() in shared libraries and plugins is a bad idea on FreeBSD") (ommit 41b6810ba01f44537f470c806adb8686e1a39c48) causes the following for sssd on Linux: Stack trace of thread 19667: #0 0x00007f2cab91ff6b __GI_raise (libc.so.6) #1 0x00007f2cab90a5c1 __GI_abort (libc.so.6) #2 0x00007f2cab90a491 __assert_fail_base (libc.so.6) #3 0x00007f2cab9186e2 __GI___assert_fail (libc.so.6) #4 0x00007f2cb10aaca5 k5_mutex_lock (libkrb5.so.3) #5 0x00007f2cb10ab790 k5_mutex_lock (libkrb5.so.3) #6 0x00007f2cb10ab8f5 profile_free_file (libkrb5.so.3) #7 0x00007f2cb10ab983 profile_close_file (libkrb5.so.3) #8 0x00007f2cb10af249 profile_release (libkrb5.so.3) #9 0x00007f2cb10a06c7 k5_os_free_context (libkrb5.so.3) #10 0x00007f2cb1075a9a krb5_free_context (libkrb5.so.3) #11 0x000055cea7cb2dd1 kcm_data_destructor (sssd_kcm) #12 0x00007f2cac153e96 _tc_free_internal (libtalloc.so.2) #13 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #14 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #15 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #16 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #17 0x00007f2cac14e648 _talloc_free (libtalloc.so.2) #18 0x00007f2cac14c480 talloc_lib_fini (libtalloc.so.2) #19 0x00007f2cb151da96 _dl_fini (ld-linux-x86-64.so.2) #20 0x00007f2cab9226bc __run_exit_handlers (libc.so.6) #21 0x00007f2cab9227ec __GI_exit (libc.so.6) #22 0x00007f2cb030dc61 orderly_shutdown (libsss_util.so) #23 0x00007f2cac365a46 tevent_common_check_signal (libtevent.so.0) #24 0x00007f2cac367975 epoll_event_loop_once (libtevent.so.0) #25 0x00007f2cac365dab std_event_loop_once (libtevent.so.0) #26 0x00007f2cac362098 _tevent_loop_once (libtevent.so.0) #27 0x00007f2cac3622eb tevent_common_loop_wait (libtevent.so.0) #28 0x00007f2cac365d3b std_event_loop_wait (libtevent.so.0) #29 0x00007f2cb030eb37 server_loop (libsss_util.so) #30 0x000055cea7cb29f4 main (sssd_kcm) #31 0x00007f2cab90c1eb __libc_start_main (libc.so.6) #32 0x000055cea7cb2c7a _start (sssd_kcm) We still only register one atexit handler instead of multiple ones like in talloc 2.1.11, but avoids using a library destructor. Bug #7587 seems to be fixed by not using talloc_autofree_context() within samba. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13366 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
The change for https://bugzilla.samba.org/show_bug.cgi?id=7587
("talloc_autofree_context() in shared libraries and plugins is a bad idea on FreeBSD")
(ommit 41b6810ba01f44537f470c806adb8686e1a39c48)
causes the following for sssd on Linux:

     Stack trace of thread 19667:
     #0  0x00007f2cab91ff6b __GI_raise (libc.so.6)
     #1  0x00007f2cab90a5c1 __GI_abort (libc.so.6)
     #2  0x00007f2cab90a491 __assert_fail_base (libc.so.6)
     #3  0x00007f2cab9186e2 __GI___assert_fail (libc.so.6)
     #4  0x00007f2cb10aaca5 k5_mutex_lock (libkrb5.so.3)
     #5  0x00007f2cb10ab790 k5_mutex_lock (libkrb5.so.3)
     #6  0x00007f2cb10ab8f5 profile_free_file (libkrb5.so.3)
     #7  0x00007f2cb10ab983 profile_close_file (libkrb5.so.3)
     #8  0x00007f2cb10af249 profile_release (libkrb5.so.3)
     #9  0x00007f2cb10a06c7 k5_os_free_context (libkrb5.so.3)
     #10 0x00007f2cb1075a9a krb5_free_context (libkrb5.so.3)
     #11 0x000055cea7cb2dd1 kcm_data_destructor (sssd_kcm)
     #12 0x00007f2cac153e96 _tc_free_internal (libtalloc.so.2)
     #13 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #14 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #15 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #16 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #17 0x00007f2cac14e648 _talloc_free (libtalloc.so.2)
     #18 0x00007f2cac14c480 talloc_lib_fini (libtalloc.so.2)
     #19 0x00007f2cb151da96 _dl_fini (ld-linux-x86-64.so.2)
     #20 0x00007f2cab9226bc __run_exit_handlers (libc.so.6)
     #21 0x00007f2cab9227ec __GI_exit (libc.so.6)
     #22 0x00007f2cb030dc61 orderly_shutdown (libsss_util.so)
     #23 0x00007f2cac365a46 tevent_common_check_signal (libtevent.so.0)
     #24 0x00007f2cac367975 epoll_event_loop_once (libtevent.so.0)
     #25 0x00007f2cac365dab std_event_loop_once (libtevent.so.0)
     #26 0x00007f2cac362098 _tevent_loop_once (libtevent.so.0)
     #27 0x00007f2cac3622eb tevent_common_loop_wait (libtevent.so.0)
     #28 0x00007f2cac365d3b std_event_loop_wait (libtevent.so.0)
     #29 0x00007f2cb030eb37 server_loop (libsss_util.so)
     #30 0x000055cea7cb29f4 main (sssd_kcm)
     #31 0x00007f2cab90c1eb __libc_start_main (libc.so.6)
     #32 0x000055cea7cb2c7a _start (sssd_kcm)

We still only register one atexit handler instead of multiple ones
like in talloc 2.1.11, but avoids using a library destructor.

Bug #7587 seems to be fixed by not using talloc_autofree_context()
within samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13366

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
talloc: use a library destructor instead of atexit() if available 2018-03-21T12:11:14+00:00 Stefan Metzmacher metze@samba.org 2018-03-20T15:48:33+00:00 41b6810ba01f44537f470c806adb8686e1a39c48 BUG: https://bugzilla.samba.org/show_bug.cgi?id=7587 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7587

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
talloc: Fix size type and checks in _vasprintf_tc 2018-03-21T12:11:14+00:00 Andreas Schneider asn@samba.org 2018-03-21T10:55:45+00:00 4a7eaf909d7f139462351c43ef1dbb2915f8490f This fixes compilation with -Wstrict-overflow=2 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
This fixes compilation with -Wstrict-overflow=2

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
talloc: Do not disclose the random talloc magic in free()'ed memory 2018-01-12T21:42:21+00:00 Andrew Bartlett abartlet@samba.org 2018-01-08T04:34:31+00:00 062309755888349afaa05dff7ac48ea8867110e0 This may help us avoid exploits via memory read attacks on Samba by ensuring that if the read is on an invalid chunk that the talloc magic disclosed there is not useful to create a valid chunk and so set a destructor. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13211 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
This may help us avoid exploits via memory read attacks on Samba by ensuring that if the read
is on an invalid chunk that the talloc magic disclosed there is not useful
to create a valid chunk and so set a destructor.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13211

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
talloc: Remove talloc_abort_magic() 2018-01-12T21:42:21+00:00 Andrew Bartlett abartlet@samba.org 2018-01-08T04:29:19+00:00 00ee9da50b289a68621f2af755d4283fe6cb3bc7 The check required for talloc_abort_magic() prevents the 'access after free error' from being printed. It is also no longer possible to determine the difference between invalid memory and a talloc version mismatch as the magic is now random on many platforms. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13210 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
The check required for talloc_abort_magic() prevents the 'access after free error'
from being printed.

It is also no longer possible to determine the difference between invalid memory
and a talloc version mismatch as the magic is now random on many platforms.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13210

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
talloc: fix TALLOC_VERSION_* mismatch detection 2017-02-21T23:14:34+00:00 Stefan Metzmacher metze@samba.org 2017-02-14T11:33:32+00:00 16ea6e1308a7d94a501d002ed53529f6d754e940 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Feb 22 00:14:34 CET 2017 on sn-devel-144 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Feb 22 00:14:34 CET 2017 on sn-devel-144
lib: talloc: Make it clear that talloc_get_size(NULL) returns 0. 2017-01-12T18:23:25+00:00 Jeremy Allison jra@samba.org 2017-01-11T19:48:25+00:00 d35ff9e9bdae79e5f5b2c9b5bf8cfe05199da804 This *isn't* a behavior change, as the previous code could potentially return the size of null_context, which (currently) is defined as a named talloc region of ZERO size, but this makes it very clear what the ABI behavior should be. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Jan 12 19:23:25 CET 2017 on sn-devel-144 
This *isn't* a behavior change, as the previous code could potentially
return the size of null_context, which (currently) is defined as
a named talloc region of ZERO size, but this makes it very clear
what the ABI behavior should be.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Jan 12 19:23:25 CET 2017 on sn-devel-144
talloc: clarify that talloc_magic never includes the bits in TALLOC_FLAG_MASK 2016-12-01T04:54:22+00:00 Andrew Bartlett abartlet@samba.org 2016-11-22T21:26:14+00:00 48c897f126b68c1bc5b5b05e203e65fa1dc89390 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>