python and NDR blobs GC reference surprise

Dave Craft wimberosa at gmail.com
Wed Nov 30 14:15:43 MST 2011


I'm neither a Python nor an NDR guru, but the following surprised me
enough to mention in this email.  If it's a bug I'd explore fixing it
at some point, but if it's not a bug it's documented here for posterity.

The issue....

I had an instance in the samba_kcc python code where I needed to produce
a repsFromToBlob and attendant sub-structure repsFromTo1OtherInfo.   Here's
the way I initially attempted...

    reps = drsblobs.repsFromToBlob()
    reps.version = 0x1
    reps.ctr.other_info = drsblobs.repsFromTo1OtherInfo()

That reps.ctr.other_info piece has to be instantiated for the particular
version of the repsFromTo.  In this instance I am producing a
version 0x1 structure.

The surprise....

What happens with this code however is that python does not
have a reference count for that repsFromTo1OtherInfo and immediately
deletes it.   You thus get

    talloc: access after free error - first free may be at ../lib/ldb/pyldb.c:684
    Bad talloc magic value - access after free

if you try to access reps.ctr.other_info subsequently.

To get a reference count to stick around you have to do this:

    reps = drsblobs.repsFromToBlob()
    reps.version = 0x1
    other_info = drsblobs.repsFromTo1OtherInfo()
    reps.ctr.other_info = other_info

That standalone "other_info" has to be there to hold the python
reference count.

-- 
Regards, Dave Craft
Cut the headlights and put it in neutral.
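
Added example, not part of the original post and not Samba code: a small Python `ast` check that flags the assignment pattern described above, where an attribute is assigned directly from a `drsblobs` constructor and no name holds the new object. The function names and the `NDR_MODULES` set are assumptions made for this illustration, and the check is a heuristic based only on the behaviour the email reports.

```python
import ast

# Modules whose constructors return talloc-backed NDR wrappers (from the email).
NDR_MODULES = {"drsblobs"}

# Constructed samples: the two snippets from the email above.
BROKEN = """\
reps = drsblobs.repsFromToBlob()
reps.version = 0x1
reps.ctr.other_info = drsblobs.repsFromTo1OtherInfo()
"""
FIXED = """\
reps = drsblobs.repsFromToBlob()
reps.version = 0x1
other_info = drsblobs.repsFromTo1OtherInfo()
reps.ctr.other_info = other_info
"""

def _is_ndr_ctor(node):
    """True for a call such as drsblobs.repsFromTo1OtherInfo()."""
    return (isinstance(node, ast.Call)
            and isinstance(node.func, ast.Attribute)
            and isinstance(node.func.value, ast.Name)
            and node.func.value.id in NDR_MODULES)

def find_unowned_temporaries(source):
    """Return (lineno, target, constructor) for every attribute assignment
    whose right-hand side is a new NDR object that no Python name refers to."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Assign) or not _is_ndr_ctor(node.value):
            continue
        # A plain name among the targets (a = b.c = Ctor()) holds a reference.
        if any(isinstance(t, ast.Name) for t in node.targets):
            continue
        for target in node.targets:
            if isinstance(target, ast.Attribute):
                findings.append((node.lineno, ast.unparse(target),
                                 ast.unparse(node.value.func)))
    return sorted(findings)

if __name__ == "__main__":
    for label, src in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, find_unowned_temporaries(src))
```

`ast.unparse` needs Python 3.9 or later.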

