samba.git/lib/talloc, branch talloc-2.1.13 Unnamed repository; edit this file 'description' to name the repository. talloc: version 2.1.13 2018-04-05T13:53:16+00:00 Stefan Metzmacher metze@samba.org 2018-04-03T11:46:20+00:00 d48b62326a5256fabdcbdd97cc71c44527672527 * Use atexit() again instead of a library destructor (bug #13366) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Apr 5 15:53:16 CEST 2018 on sn-devel-144 
* Use atexit() again instead of a library destructor
  (bug #13366)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Apr  5 15:53:16 CEST 2018 on sn-devel-144
talloc: use atexit() again instead of a library destructor 2018-04-05T11:01:20+00:00 Stefan Metzmacher metze@samba.org 2018-04-03T11:13:01+00:00 03124c85f1141f1e57398e526f38798b6f1fa741 The change for https://bugzilla.samba.org/show_bug.cgi?id=7587 ("talloc_autofree_context() in shared libraries and plugins is a bad idea on FreeBSD") (ommit 41b6810ba01f44537f470c806adb8686e1a39c48) causes the following for sssd on Linux: Stack trace of thread 19667: #0 0x00007f2cab91ff6b __GI_raise (libc.so.6) #1 0x00007f2cab90a5c1 __GI_abort (libc.so.6) #2 0x00007f2cab90a491 __assert_fail_base (libc.so.6) #3 0x00007f2cab9186e2 __GI___assert_fail (libc.so.6) #4 0x00007f2cb10aaca5 k5_mutex_lock (libkrb5.so.3) #5 0x00007f2cb10ab790 k5_mutex_lock (libkrb5.so.3) #6 0x00007f2cb10ab8f5 profile_free_file (libkrb5.so.3) #7 0x00007f2cb10ab983 profile_close_file (libkrb5.so.3) #8 0x00007f2cb10af249 profile_release (libkrb5.so.3) #9 0x00007f2cb10a06c7 k5_os_free_context (libkrb5.so.3) #10 0x00007f2cb1075a9a krb5_free_context (libkrb5.so.3) #11 0x000055cea7cb2dd1 kcm_data_destructor (sssd_kcm) #12 0x00007f2cac153e96 _tc_free_internal (libtalloc.so.2) #13 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #14 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #15 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #16 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2) #17 0x00007f2cac14e648 _talloc_free (libtalloc.so.2) #18 0x00007f2cac14c480 talloc_lib_fini (libtalloc.so.2) #19 0x00007f2cb151da96 _dl_fini (ld-linux-x86-64.so.2) #20 0x00007f2cab9226bc __run_exit_handlers (libc.so.6) #21 0x00007f2cab9227ec __GI_exit (libc.so.6) #22 0x00007f2cb030dc61 orderly_shutdown (libsss_util.so) #23 0x00007f2cac365a46 tevent_common_check_signal (libtevent.so.0) #24 0x00007f2cac367975 epoll_event_loop_once (libtevent.so.0) #25 0x00007f2cac365dab std_event_loop_once (libtevent.so.0) #26 0x00007f2cac362098 _tevent_loop_once (libtevent.so.0) #27 0x00007f2cac3622eb tevent_common_loop_wait (libtevent.so.0) #28 0x00007f2cac365d3b std_event_loop_wait (libtevent.so.0) #29 0x00007f2cb030eb37 server_loop (libsss_util.so) #30 0x000055cea7cb29f4 main (sssd_kcm) #31 0x00007f2cab90c1eb __libc_start_main (libc.so.6) #32 0x000055cea7cb2c7a _start (sssd_kcm) We still only register one atexit handler instead of multiple ones like in talloc 2.1.11, but avoids using a library destructor. Bug #7587 seems to be fixed by not using talloc_autofree_context() within samba. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13366 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
The change for https://bugzilla.samba.org/show_bug.cgi?id=7587
("talloc_autofree_context() in shared libraries and plugins is a bad idea on FreeBSD")
(ommit 41b6810ba01f44537f470c806adb8686e1a39c48)
causes the following for sssd on Linux:

     Stack trace of thread 19667:
     #0  0x00007f2cab91ff6b __GI_raise (libc.so.6)
     #1  0x00007f2cab90a5c1 __GI_abort (libc.so.6)
     #2  0x00007f2cab90a491 __assert_fail_base (libc.so.6)
     #3  0x00007f2cab9186e2 __GI___assert_fail (libc.so.6)
     #4  0x00007f2cb10aaca5 k5_mutex_lock (libkrb5.so.3)
     #5  0x00007f2cb10ab790 k5_mutex_lock (libkrb5.so.3)
     #6  0x00007f2cb10ab8f5 profile_free_file (libkrb5.so.3)
     #7  0x00007f2cb10ab983 profile_close_file (libkrb5.so.3)
     #8  0x00007f2cb10af249 profile_release (libkrb5.so.3)
     #9  0x00007f2cb10a06c7 k5_os_free_context (libkrb5.so.3)
     #10 0x00007f2cb1075a9a krb5_free_context (libkrb5.so.3)
     #11 0x000055cea7cb2dd1 kcm_data_destructor (sssd_kcm)
     #12 0x00007f2cac153e96 _tc_free_internal (libtalloc.so.2)
     #13 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #14 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #15 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #16 0x00007f2cac1537b0 _tc_free_internal (libtalloc.so.2)
     #17 0x00007f2cac14e648 _talloc_free (libtalloc.so.2)
     #18 0x00007f2cac14c480 talloc_lib_fini (libtalloc.so.2)
     #19 0x00007f2cb151da96 _dl_fini (ld-linux-x86-64.so.2)
     #20 0x00007f2cab9226bc __run_exit_handlers (libc.so.6)
     #21 0x00007f2cab9227ec __GI_exit (libc.so.6)
     #22 0x00007f2cb030dc61 orderly_shutdown (libsss_util.so)
     #23 0x00007f2cac365a46 tevent_common_check_signal (libtevent.so.0)
     #24 0x00007f2cac367975 epoll_event_loop_once (libtevent.so.0)
     #25 0x00007f2cac365dab std_event_loop_once (libtevent.so.0)
     #26 0x00007f2cac362098 _tevent_loop_once (libtevent.so.0)
     #27 0x00007f2cac3622eb tevent_common_loop_wait (libtevent.so.0)
     #28 0x00007f2cac365d3b std_event_loop_wait (libtevent.so.0)
     #29 0x00007f2cb030eb37 server_loop (libsss_util.so)
     #30 0x000055cea7cb29f4 main (sssd_kcm)
     #31 0x00007f2cab90c1eb __libc_start_main (libc.so.6)
     #32 0x000055cea7cb2c7a _start (sssd_kcm)

We still only register one atexit handler instead of multiple ones
like in talloc 2.1.11, but avoids using a library destructor.

Bug #7587 seems to be fixed by not using talloc_autofree_context()
within samba.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13366

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
talloc: version 2.1.12 2018-03-21T17:39:33+00:00 Stefan Metzmacher metze@samba.org 2018-03-21T07:24:06+00:00 80f9ec016496087bca06d3c34b6f687f0dc145ac * Fix documentation typo * Fix compilation with -Wstrict-overflow=2 * Use a library destructor instead of atexit() if available (bug #7587) Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Ralph Böhme <slow@samba.org> Autobuild-Date(master): Wed Mar 21 18:39:33 CET 2018 on sn-devel-144 
* Fix documentation typo
* Fix compilation with -Wstrict-overflow=2
* Use a library destructor instead of atexit() if available
  (bug #7587)

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Mar 21 18:39:33 CET 2018 on sn-devel-144
talloc: use a library destructor instead of atexit() if available 2018-03-21T12:11:14+00:00 Stefan Metzmacher metze@samba.org 2018-03-20T15:48:33+00:00 41b6810ba01f44537f470c806adb8686e1a39c48 BUG: https://bugzilla.samba.org/show_bug.cgi?id=7587 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7587

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
talloc: Fix size type and checks in _vasprintf_tc 2018-03-21T12:11:14+00:00 Andreas Schneider asn@samba.org 2018-03-21T10:55:45+00:00 4a7eaf909d7f139462351c43ef1dbb2915f8490f This fixes compilation with -Wstrict-overflow=2 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> 
This fixes compilation with -Wstrict-overflow=2

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
talloc: Fix documentation typo 2018-01-22T10:11:37+00:00 Martin Schwenke martin@meltin.net 2018-01-18T05:08:15+00:00 9daf40c55af61081abca663c7250f103d5b2a0df Signed-off-by: Martin Schwenke <martin@meltin.net> Reviewed-by: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Martin Schwenke <martins@samba.org> Autobuild-Date(master): Mon Jan 22 11:11:38 CET 2018 on sn-devel-144 
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Mon Jan 22 11:11:38 CET 2018 on sn-devel-144
talloc: version 2.1.11 2018-01-12T21:42:22+00:00 Stefan Metzmacher metze@samba.org 2018-01-12T06:45:09+00:00 efe317c59204af076bb500ad904d2a5f6a961509 * disable-python - fix talloc wscript if bundling disabled * Do not disclose the random talloc magic in free()'ed memory Signed-off-by: Stefan Metzmacher <metze@samba.org> 
* disable-python - fix talloc wscript if bundling disabled
* Do not disclose the random talloc magic in free()'ed memory

Signed-off-by: Stefan Metzmacher <metze@samba.org>
talloc: Do not disclose the random talloc magic in free()'ed memory 2018-01-12T21:42:21+00:00 Andrew Bartlett abartlet@samba.org 2018-01-08T04:34:31+00:00 062309755888349afaa05dff7ac48ea8867110e0 This may help us avoid exploits via memory read attacks on Samba by ensuring that if the read is on an invalid chunk that the talloc magic disclosed there is not useful to create a valid chunk and so set a destructor. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13211 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
This may help us avoid exploits via memory read attacks on Samba by ensuring that if the read
is on an invalid chunk that the talloc magic disclosed there is not useful
to create a valid chunk and so set a destructor.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13211

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
talloc: Add tests to require use-after-free to give the correct talloc_abort() string 2018-01-12T21:42:21+00:00 Andrew Bartlett abartlet@samba.org 2018-01-11T22:17:09+00:00 e2497b26b2ec8a9ae4401d0380431c897959c627 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13210 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13210

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
talloc: Remove talloc_abort_magic() 2018-01-12T21:42:21+00:00 Andrew Bartlett abartlet@samba.org 2018-01-08T04:29:19+00:00 00ee9da50b289a68621f2af755d4283fe6cb3bc7 The check required for talloc_abort_magic() prevents the 'access after free error' from being printed. It is also no longer possible to determine the difference between invalid memory and a talloc version mismatch as the magic is now random on many platforms. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13210 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
The check required for talloc_abort_magic() prevents the 'access after free error'
from being printed.

It is also no longer possible to determine the difference between invalid memory
and a talloc version mismatch as the magic is now random on many platforms.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13210

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>