hmm.. Re: talloc issues

Sam Liddicott sam at liddicott.com
Tue Jul 28 09:58:28 MDT 2009 

* Volker Lendecke wrote, On 28/07/09 16:47:
> On Tue, Jul 28, 2009 at 04:20:39PM +0100, Sam Liddicott wrote:
>>> Sorry, I'm lost here. If talloc_free is deprecated, 
>> It's not.
>>
>> It's just been used so much on purpose to "get rid of random latest
>> parent" and these uses need to be removed.
> 
> I don't even fully understand what you mean by this.
> 
> So I am not able to do this code audit. To me talloc is
> strictly hierarchical and there is no such thing as "random
> latest parent". 

AFACT Ever since talloc_reference came about, talloc_free free'd the
most recent parent/reference. I put "random latest parent" because the
problem is that it is hard to know which parent is being freed as it
depends on who has been taking references.

> Having to think about possible security
> holes or memory leaks by calling talloc_free (How weird is
> that. Creating a memory leak by calling talloc_FREE(!!) in a
> subtly wrong context) makes it unusable to me.

yes. Same here. I cannot use talloc as it stands or as it was last year.
It is crazy.

> Talloc_reference needs to go. It might be useful in your
> context, but for mere mortals like me this is just not
> acceptable. 

If we are stuck with the tridges current solution then yes, I agree,
talloc_references may as well go. While that solution makes it easy for
Samba4 to be "correct" it makes the references capability useless.

Talloc_free should only remove the parent that was provided during
talloc_zero or talloc_steal. I think you have no problem with that?

> In projects with more complexity than Samba 3
> has and where all the smart cookies do programming this
> might be common practice, but it is way over my head.

It is not reasonable in any place. But the fix that makes it sane breaks
samba4 which is currently in a delicate balance of actually working with
this insanity.

Perhaps the answer is to remove talloc_reference, and then put it back
properly...

I accept tridges comment that Samba4 will be too hard to fix up, and I
agree with you that talloc as it was or as it probably will be has
useless references. I also think it will be easier to fix that take out
altogether. SO I'm just going to sigh. *sigh*.

Sam

More information about the samba-technical mailing list