BUG: talloc reads freed memory.
tridge at samba.org
tridge at samba.org
Tue Dec 21 21:36:24 MST 2010
Hi Rusty,
Thanks for finding this!
> Now, simply clearing tc->prev (and tc->next) just breaks this reparenting
> logic. Getting the parent earlier in case the destructor fails is
> O(siblings) and we'd be better off just keeping all the parent pointers
> uptodate (ie. make talloc_steal() O(siblings)).
yep, I agree. We've discussed previously changing talloc to always
keep tc->parent valid, and now we have a really good reason to do
it. I've currently testing a patch that does this. It passes valgrind
tests so far.
Cheers, Tridge
More information about the samba-technical
mailing list