Tests for Andrew's talloc security work

Jeremy Allison jra at samba.org
Fri Sep 4 18:18:09 UTC 2015

On Fri, Sep 04, 2015 at 04:03:51PM +1200, Adrian Cochrane wrote:

> +static unsigned int talloc_magic = (

The above is my big problem with this.
It introduces a global static variable
to libtalloc, which causes problems
with threaded programs using talloc.

Currently talloc can be used safely
with threads if you call talloc_disable_null_tracking()
from the main thread before creating
any others, and ensure each thread
only accesses a context created off
the toplevel (NULL) context and
doesn't touch any other context.

Adding the above global static
breaks that - so it's an ABI
breakage IMHO.

Now in common use this variable
is only read, not written, and
only initialized once in a constructor
attribute when the library is loaded,
so this may mitigate the problem.

But I'd need to check that running
existing talloc + threaded programs under
valgrind hellgrind and drd to ensure
we don't get any error messages before
I can be convinced this is safe.

So NAK for now I'm afraid.


More information about the samba-technical mailing list