summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRusty Russell <rusty@rustcorp.com.au>2012-07-18 04:54:31 +0930
committerRusty Russell <rusty@rustcorp.com.au>2012-07-18 04:54:31 +0930
commit4f331872bc783445c709e5fe4846b8687e274953 (patch)
tree01730b205abad309b3aabc6b466a1992bdefe957
parent8893215aaf714154c190c66bf7d1ce568118ec39 (diff)
downloadsamba-4f331872bc783445c709e5fe4846b8687e274953.tar.gz
samba-4f331872bc783445c709e5fe4846b8687e274953.tar.bz2
samba-4f331872bc783445c709e5fe4846b8687e274953.zip
talloc: don't allow a talloc_pool inside a talloc_pool.
We explicitly call free() on a pool which falls to zero, assuming it's not inside another pool (we crash). Check on creation and explicitly document this case. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-rw-r--r--lib/talloc/talloc.c7
-rw-r--r--lib/talloc/talloc.h3
2 files changed, 9 insertions, 1 deletions
diff --git a/lib/talloc/talloc.c b/lib/talloc/talloc.c
index 345f212963..18ee548095 100644
--- a/lib/talloc/talloc.c
+++ b/lib/talloc/talloc.c
@@ -604,6 +604,13 @@ _PUBLIC_ void *talloc_pool(const void *context, size_t size)
}
pool_tc = (union talloc_pool_chunk *)talloc_chunk_from_ptr(result);
+ if (unlikely(pool_tc->hdr.c.flags & TALLOC_FLAG_POOLMEM)) {
+ /* We don't handle this correctly, so fail. */
+ talloc_log("talloc: cannot allocate pool off another pool %s\n",
+ talloc_get_name(context));
+ talloc_free(result);
+ return NULL;
+ }
pool_tc->hdr.c.flags |= TALLOC_FLAG_POOL;
pool_tc->hdr.c.pool = tc_pool_first_chunk(pool_tc);
diff --git a/lib/talloc/talloc.h b/lib/talloc/talloc.h
index 05e6292405..e48dc09a40 100644
--- a/lib/talloc/talloc.h
+++ b/lib/talloc/talloc.h
@@ -839,7 +839,8 @@ void *talloc_find_parent_bytype(const void *ptr, #type);
* talloc pool to a talloc parent outside the pool, the whole pool memory is
* not free(3)'ed until that moved chunk is also talloc_free()ed.
*
- * @param[in] context The talloc context to hang the result off.
+ * @param[in] context The talloc context to hang the result off (must not
+ * be another pool).
*
* @param[in] size Size of the talloc pool.
*