talloc -- Eureka*

tridge at samba.org
Tue Jul 28 17:19:07 MDT 2009


Hi Sam,

If you can come up with a neat implementation of a new reference
counting function for talloc and that implementation doesn't make the
talloc code a lot more difficult to maintain then please do post a
patch for this. 

 > Let there be a new talloc_safe_reference which marks the reference to 
 > prevent talloc_free from considering it, and which is NOT counted with 
 > tridge's new test.

Please, don't call it "safe", and especially don't call it
talloc_safe_reference(). Compilers don't read English, so the compiler
won't generate safer code. I'm guessing you're calling it "safe" as
you think it is safer to use. That could well tempt people to replace
existing uses of talloc_reference() with calls to
talloc_safe_reference(). As I've shown, this can lead to security
holes, so it is definitely not "safe".

What you're proposing is a different function with quite different
semantics, so please give it a different name too.

Cheers, Tridge

