Re: [PATCH 2/3] util: add xtalloc.[ch]

unofficial mirror of notmuch@notmuchmail.org
 help / color / mirror / code / Atom feed

From: Austin Clements <amdragon@MIT.EDU>
To: david@tethera.net
Cc: notmuch@notmuchmail.org, David Bremner <bremner@debian.org>
Subject: Re: [PATCH 2/3] util: add xtalloc.[ch]
Date: Thu, 20 Dec 2012 21:03:58 -0500	[thread overview]
Message-ID: <20121221020358.GR6187@mit.edu> (raw)
In-Reply-To: <1355714648-23144-3-git-send-email-david@tethera.net>

Quoth david@tethera.net on Dec 16 at 11:24 pm:
> From: David Bremner <bremner@debian.org>
> 
> These are intended to be simple wrappers to provide slightly better
> debugging information than what talloc currently provides natively.
> ---
>  notmuch-client.h    |    2 +-
>  util/Makefile.local |    2 +-
>  util/xtalloc.c      |   15 +++++++++++++++
>  util/xtalloc.h      |   18 ++++++++++++++++++
>  4 files changed, 35 insertions(+), 2 deletions(-)
>  create mode 100644 util/xtalloc.c
>  create mode 100644 util/xtalloc.h
> 
> diff --git a/notmuch-client.h b/notmuch-client.h
> index d7b352e..60be030 100644
> --- a/notmuch-client.h
> +++ b/notmuch-client.h
> @@ -58,7 +58,7 @@ typedef GMimeCipherContext notmuch_crypto_context_t;
>  #include <errno.h>
>  #include <signal.h>
>  
> -#include <talloc.h>
> +#include "xtalloc.h"
>  
>  #define unused(x) x __attribute__ ((unused))
>  
> diff --git a/util/Makefile.local b/util/Makefile.local
> index a11e35b..8a62c00 100644
> --- a/util/Makefile.local
> +++ b/util/Makefile.local
> @@ -4,7 +4,7 @@ dir := util
>  extra_cflags += -I$(srcdir)/$(dir)
>  
>  libutil_c_srcs := $(dir)/xutil.c $(dir)/error_util.c $(dir)/hex-escape.c \
> -		  $(dir)/string-util.c
> +		  $(dir)/string-util.c $(dir)/xtalloc.c
>  
>  libutil_modules := $(libutil_c_srcs:.c=.o)
>  
> diff --git a/util/xtalloc.c b/util/xtalloc.c
> new file mode 100644
> index 0000000..22834bd
> --- /dev/null
> +++ b/util/xtalloc.c
> @@ -0,0 +1,15 @@
> +#include <string.h>
> +#include "xtalloc.h"
> +
> +char *
> +xtalloc_strndup_named_const (void *ctx, const char *str,
> +			     size_t len, const char *name)
> +{
> +    char *ptr = talloc_named_const (ctx, len + 1, name);
> +
> +    if (ptr) {
> +	memcpy (ptr, str, len);

This isn't safe.  If the string at ptr is actually shorter than len,
this may read past allocated memory and crash.

Maybe this should just call talloc_strndup and talloc_set_name_const?

> +	*(ptr + len) = '\0';
> +    }
> +    return ptr;
> +}
> diff --git a/util/xtalloc.h b/util/xtalloc.h
> new file mode 100644
> index 0000000..3cc1179
> --- /dev/null
> +++ b/util/xtalloc.h
> @@ -0,0 +1,18 @@
> +#ifndef _XTALLOC_H
> +#define _XTALLOC_H
> +
> +#include <talloc.h>
> +
> +/* Like talloc_strndup, but take an extra parameter for the internal talloc
> + * name (for debugging) */
> +
> +char *
> +xtalloc_strndup_named_const (void *ctx, const char *str,
> +			     size_t len, const char *name);

I agree with Tomi that these shouldn't be named with 'x'.  For this
one, it seems fine to simply drop the 'x', since the name is fully
descriptive of what it does.

> +
> +/* use the __location__ macro from talloc.h to name a string according to its
> + * source location */
> +
> +#define xtalloc_strndup(ctx, str, len) xtalloc_strndup_named_const (ctx, str, len, __location__)

For this, what about talloc_strndup_debug?

> +
> +#endif

next prev parent reply	other threads:[~2012-12-21  2:04 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-12-17  3:24 talloc leak debugging david
2012-12-17  3:24 ` [PATCH 1/3] CLI: add talloc leak report, controlled by an environment variable david
2012-12-20 15:40   ` Tomi Ollila
2012-12-20 16:58     ` David Bremner
2012-12-21  1:55   ` Austin Clements
2012-12-17  3:24 ` [PATCH 2/3] util: add xtalloc.[ch] david
2012-12-20 15:42   ` Tomi Ollila
2012-12-21  2:03   ` Austin Clements [this message]
2012-12-17  3:24 ` [PATCH 3/3] notmuch-restore: use xtalloc version of strndup david

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://notmuchmail.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20121221020358.GR6187@mit.edu \
    --to=amdragon@mit.edu \
    --cc=bremner@debian.org \
    --cc=david@tethera.net \
    --cc=notmuch@notmuchmail.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://yhetil.org/notmuch.git/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).