Line data Source code
1 : /*
2 : Samba Unix SMB/CIFS implementation.
3 :
4 : Samba trivial allocation library - new interface
5 :
6 : NOTE: Please read talloc_guide.txt for full documentation
7 :
8 : Copyright (C) Andrew Tridgell 2004
9 : Copyright (C) Stefan Metzmacher 2006
10 :
11 : ** NOTE! The following LGPL license applies to the talloc
12 : ** library. This does NOT imply that all of Samba is released
13 : ** under the LGPL
14 :
15 : This library is free software; you can redistribute it and/or
16 : modify it under the terms of the GNU Lesser General Public
17 : License as published by the Free Software Foundation; either
18 : version 3 of the License, or (at your option) any later version.
19 :
20 : This library is distributed in the hope that it will be useful,
21 : but WITHOUT ANY WARRANTY; without even the implied warranty of
22 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
23 : Lesser General Public License for more details.
24 :
25 : You should have received a copy of the GNU Lesser General Public
26 : License along with this library; if not, see <http://www.gnu.org/licenses/>.
27 : */
28 :
29 : /*
30 : inspired by http://swapped.cc/halloc/
31 : */
32 :
33 : #include "replace.h"
34 : #include "talloc.h"
35 :
36 : #ifdef HAVE_SYS_AUXV_H
37 : #include <sys/auxv.h>
38 : #endif
39 :
40 : #if (TALLOC_VERSION_MAJOR != TALLOC_BUILD_VERSION_MAJOR)
41 : #error "TALLOC_VERSION_MAJOR != TALLOC_BUILD_VERSION_MAJOR"
42 : #endif
43 :
44 : #if (TALLOC_VERSION_MINOR != TALLOC_BUILD_VERSION_MINOR)
45 : #error "TALLOC_VERSION_MINOR != TALLOC_BUILD_VERSION_MINOR"
46 : #endif
47 :
48 : /* Special macros that are no-ops except when run under Valgrind on
49 : * x86. They've moved a little bit from valgrind 1.0.4 to 1.9.4 */
50 : #ifdef HAVE_VALGRIND_MEMCHECK_H
51 : /* memcheck.h includes valgrind.h */
52 : #include <valgrind/memcheck.h>
53 : #elif defined(HAVE_VALGRIND_H)
54 : #include <valgrind.h>
55 : #endif
56 :
57 : #define MAX_TALLOC_SIZE 0x10000000
58 :
59 : #define TALLOC_FLAG_FREE 0x01
60 : #define TALLOC_FLAG_LOOP 0x02
61 : #define TALLOC_FLAG_POOL 0x04 /* This is a talloc pool */
62 : #define TALLOC_FLAG_POOLMEM 0x08 /* This is allocated in a pool */
63 :
64 : /*
65 : * Bits above this are random, used to make it harder to fake talloc
66 : * headers during an attack. Try not to change this without good reason.
67 : */
68 : #define TALLOC_FLAG_MASK 0x0F
69 :
70 : #define TALLOC_MAGIC_REFERENCE ((const char *)1)
71 :
72 : #define TALLOC_MAGIC_BASE 0xe814ec70
73 : #define TALLOC_MAGIC_NON_RANDOM ( \
74 : ~TALLOC_FLAG_MASK & ( \
75 : TALLOC_MAGIC_BASE + \
76 : (TALLOC_BUILD_VERSION_MAJOR << 24) + \
77 : (TALLOC_BUILD_VERSION_MINOR << 16) + \
78 : (TALLOC_BUILD_VERSION_RELEASE << 8)))
79 : static unsigned int talloc_magic = TALLOC_MAGIC_NON_RANDOM;
80 :
81 : /* by default we abort when given a bad pointer (such as when talloc_free() is called
82 : on a pointer that came from malloc() */
83 : #ifndef TALLOC_ABORT
84 : #define TALLOC_ABORT(reason) abort()
85 : #endif
86 :
87 : #ifndef discard_const_p
88 : #if defined(__intptr_t_defined) || defined(HAVE_INTPTR_T)
89 : # define discard_const_p(type, ptr) ((type *)((intptr_t)(ptr)))
90 : #else
91 : # define discard_const_p(type, ptr) ((type *)(ptr))
92 : #endif
93 : #endif
94 :
95 : /* these macros gain us a few percent of speed on gcc */
96 : #if (__GNUC__ >= 3)
97 : /* the strange !! is to ensure that __builtin_expect() takes either 0 or 1
98 : as its first argument */
99 : #ifndef likely
100 : #define likely(x) __builtin_expect(!!(x), 1)
101 : #endif
102 : #ifndef unlikely
103 : #define unlikely(x) __builtin_expect(!!(x), 0)
104 : #endif
105 : #else
106 : #ifndef likely
107 : #define likely(x) (x)
108 : #endif
109 : #ifndef unlikely
110 : #define unlikely(x) (x)
111 : #endif
112 : #endif
113 :
114 : /* this null_context is only used if talloc_enable_leak_report() or
115 : talloc_enable_leak_report_full() is called, otherwise it remains
116 : NULL
117 : */
118 : static void *null_context;
119 : static bool talloc_report_null;
120 : static bool talloc_report_null_full;
121 : static void *autofree_context;
122 :
123 : static void talloc_setup_atexit(void);
124 :
125 : /* used to enable fill of memory on free, which can be useful for
126 : * catching use after free errors when valgrind is too slow
127 : */
128 : static struct {
129 : bool initialised;
130 : bool enabled;
131 : uint8_t fill_value;
132 : } talloc_fill;
133 :
134 : #define TALLOC_FILL_ENV "TALLOC_FREE_FILL"
135 :
136 : /*
137 : * do not wipe the header, to allow the
138 : * double-free logic to still work
139 : */
140 : #define TC_INVALIDATE_FULL_FILL_CHUNK(_tc) do { \
141 : if (unlikely(talloc_fill.enabled)) { \
142 : size_t _flen = (_tc)->size; \
143 : char *_fptr = (char *)TC_PTR_FROM_CHUNK(_tc); \
144 : memset(_fptr, talloc_fill.fill_value, _flen); \
145 : } \
146 : } while (0)
147 :
148 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_NOACCESS)
149 : /* Mark the whole chunk as not accessable */
150 : #define TC_INVALIDATE_FULL_VALGRIND_CHUNK(_tc) do { \
151 : size_t _flen = TC_HDR_SIZE + (_tc)->size; \
152 : char *_fptr = (char *)(_tc); \
153 : VALGRIND_MAKE_MEM_NOACCESS(_fptr, _flen); \
154 : } while(0)
155 : #else
156 : #define TC_INVALIDATE_FULL_VALGRIND_CHUNK(_tc) do { } while (0)
157 : #endif
158 :
159 : #define TC_INVALIDATE_FULL_CHUNK(_tc) do { \
160 : TC_INVALIDATE_FULL_FILL_CHUNK(_tc); \
161 : TC_INVALIDATE_FULL_VALGRIND_CHUNK(_tc); \
162 : } while (0)
163 :
164 : #define TC_INVALIDATE_SHRINK_FILL_CHUNK(_tc, _new_size) do { \
165 : if (unlikely(talloc_fill.enabled)) { \
166 : size_t _flen = (_tc)->size - (_new_size); \
167 : char *_fptr = (char *)TC_PTR_FROM_CHUNK(_tc); \
168 : _fptr += (_new_size); \
169 : memset(_fptr, talloc_fill.fill_value, _flen); \
170 : } \
171 : } while (0)
172 :
173 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_NOACCESS)
174 : /* Mark the unused bytes not accessable */
175 : #define TC_INVALIDATE_SHRINK_VALGRIND_CHUNK(_tc, _new_size) do { \
176 : size_t _flen = (_tc)->size - (_new_size); \
177 : char *_fptr = (char *)TC_PTR_FROM_CHUNK(_tc); \
178 : _fptr += (_new_size); \
179 : VALGRIND_MAKE_MEM_NOACCESS(_fptr, _flen); \
180 : } while (0)
181 : #else
182 : #define TC_INVALIDATE_SHRINK_VALGRIND_CHUNK(_tc, _new_size) do { } while (0)
183 : #endif
184 :
185 : #define TC_INVALIDATE_SHRINK_CHUNK(_tc, _new_size) do { \
186 : TC_INVALIDATE_SHRINK_FILL_CHUNK(_tc, _new_size); \
187 : TC_INVALIDATE_SHRINK_VALGRIND_CHUNK(_tc, _new_size); \
188 : } while (0)
189 :
190 : #define TC_UNDEFINE_SHRINK_FILL_CHUNK(_tc, _new_size) do { \
191 : if (unlikely(talloc_fill.enabled)) { \
192 : size_t _flen = (_tc)->size - (_new_size); \
193 : char *_fptr = (char *)TC_PTR_FROM_CHUNK(_tc); \
194 : _fptr += (_new_size); \
195 : memset(_fptr, talloc_fill.fill_value, _flen); \
196 : } \
197 : } while (0)
198 :
199 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_UNDEFINED)
200 : /* Mark the unused bytes as undefined */
201 : #define TC_UNDEFINE_SHRINK_VALGRIND_CHUNK(_tc, _new_size) do { \
202 : size_t _flen = (_tc)->size - (_new_size); \
203 : char *_fptr = (char *)TC_PTR_FROM_CHUNK(_tc); \
204 : _fptr += (_new_size); \
205 : VALGRIND_MAKE_MEM_UNDEFINED(_fptr, _flen); \
206 : } while (0)
207 : #else
208 : #define TC_UNDEFINE_SHRINK_VALGRIND_CHUNK(_tc, _new_size) do { } while (0)
209 : #endif
210 :
211 : #define TC_UNDEFINE_SHRINK_CHUNK(_tc, _new_size) do { \
212 : TC_UNDEFINE_SHRINK_FILL_CHUNK(_tc, _new_size); \
213 : TC_UNDEFINE_SHRINK_VALGRIND_CHUNK(_tc, _new_size); \
214 : } while (0)
215 :
216 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_UNDEFINED)
217 : /* Mark the new bytes as undefined */
218 : #define TC_UNDEFINE_GROW_VALGRIND_CHUNK(_tc, _new_size) do { \
219 : size_t _old_used = TC_HDR_SIZE + (_tc)->size; \
220 : size_t _new_used = TC_HDR_SIZE + (_new_size); \
221 : size_t _flen = _new_used - _old_used; \
222 : char *_fptr = _old_used + (char *)(_tc); \
223 : VALGRIND_MAKE_MEM_UNDEFINED(_fptr, _flen); \
224 : } while (0)
225 : #else
226 : #define TC_UNDEFINE_GROW_VALGRIND_CHUNK(_tc, _new_size) do { } while (0)
227 : #endif
228 :
229 : #define TC_UNDEFINE_GROW_CHUNK(_tc, _new_size) do { \
230 : TC_UNDEFINE_GROW_VALGRIND_CHUNK(_tc, _new_size); \
231 : } while (0)
232 :
233 : struct talloc_reference_handle {
234 : struct talloc_reference_handle *next, *prev;
235 : void *ptr;
236 : const char *location;
237 : };
238 :
239 : struct talloc_memlimit {
240 : struct talloc_chunk *parent;
241 : struct talloc_memlimit *upper;
242 : size_t max_size;
243 : size_t cur_size;
244 : };
245 :
246 : static inline bool talloc_memlimit_check(struct talloc_memlimit *limit, size_t size);
247 : static inline void talloc_memlimit_grow(struct talloc_memlimit *limit,
248 : size_t size);
249 : static inline void talloc_memlimit_shrink(struct talloc_memlimit *limit,
250 : size_t size);
251 : static inline void tc_memlimit_update_on_free(struct talloc_chunk *tc);
252 :
253 : static inline void _tc_set_name_const(struct talloc_chunk *tc,
254 : const char *name);
255 : static struct talloc_chunk *_vasprintf_tc(const void *t,
256 : const char *fmt,
257 : va_list ap);
258 :
259 : typedef int (*talloc_destructor_t)(void *);
260 :
261 : struct talloc_pool_hdr;
262 :
263 : struct talloc_chunk {
264 : /*
265 : * flags includes the talloc magic, which is randomised to
266 : * make overwrite attacks harder
267 : */
268 : unsigned flags;
269 :
270 : /*
271 : * If you have a logical tree like:
272 : *
273 : * <parent>
274 : * / | \
275 : * / | \
276 : * / | \
277 : * <child 1> <child 2> <child 3>
278 : *
279 : * The actual talloc tree is:
280 : *
281 : * <parent>
282 : * |
283 : * <child 1> - <child 2> - <child 3>
284 : *
285 : * The children are linked with next/prev pointers, and
286 : * child 1 is linked to the parent with parent/child
287 : * pointers.
288 : */
289 :
290 : struct talloc_chunk *next, *prev;
291 : struct talloc_chunk *parent, *child;
292 : struct talloc_reference_handle *refs;
293 : talloc_destructor_t destructor;
294 : const char *name;
295 : size_t size;
296 :
297 : /*
298 : * limit semantics:
299 : * if 'limit' is set it means all *new* children of the context will
300 : * be limited to a total aggregate size ox max_size for memory
301 : * allocations.
302 : * cur_size is used to keep track of the current use
303 : */
304 : struct talloc_memlimit *limit;
305 :
306 : /*
307 : * For members of a pool (i.e. TALLOC_FLAG_POOLMEM is set), "pool"
308 : * is a pointer to the struct talloc_chunk of the pool that it was
309 : * allocated from. This way children can quickly find the pool to chew
310 : * from.
311 : */
312 : struct talloc_pool_hdr *pool;
313 : };
314 :
315 : union talloc_chunk_cast_u {
316 : uint8_t *ptr;
317 : struct talloc_chunk *chunk;
318 : };
319 :
320 : /* 16 byte alignment seems to keep everyone happy */
321 : #define TC_ALIGN16(s) (((s)+15)&~15)
322 : #define TC_HDR_SIZE TC_ALIGN16(sizeof(struct talloc_chunk))
323 : #define TC_PTR_FROM_CHUNK(tc) ((void *)(TC_HDR_SIZE + (char*)tc))
324 :
325 0 : _PUBLIC_ int talloc_version_major(void)
326 : {
327 0 : return TALLOC_VERSION_MAJOR;
328 : }
329 :
330 0 : _PUBLIC_ int talloc_version_minor(void)
331 : {
332 0 : return TALLOC_VERSION_MINOR;
333 : }
334 :
335 2 : _PUBLIC_ int talloc_test_get_magic(void)
336 : {
337 2 : return talloc_magic;
338 : }
339 :
340 39165184042 : static inline void _talloc_chunk_set_free(struct talloc_chunk *tc,
341 : const char *location)
342 : {
343 : /*
344 : * Mark this memory as free, and also over-stamp the talloc
345 : * magic with the old-style magic.
346 : *
347 : * Why? This tries to avoid a memory read use-after-free from
348 : * disclosing our talloc magic, which would then allow an
349 : * attacker to prepare a valid header and so run a destructor.
350 : *
351 : */
352 40469358893 : tc->flags = TALLOC_MAGIC_NON_RANDOM | TALLOC_FLAG_FREE
353 40469358893 : | (tc->flags & TALLOC_FLAG_MASK);
354 :
355 : /* we mark the freed memory with where we called the free
356 : * from. This means on a double free error we can report where
357 : * the first free came from
358 : */
359 40422127024 : if (location) {
360 38544131974 : tc->name = location;
361 : }
362 39165184042 : }
363 :
364 1877995050 : static inline void _talloc_chunk_set_not_free(struct talloc_chunk *tc)
365 : {
366 : /*
367 : * Mark this memory as not free.
368 : *
369 : * Why? This is memory either in a pool (and so available for
370 : * talloc's re-use or after the realloc(). We need to mark
371 : * the memory as free() before any realloc() call as we can't
372 : * write to the memory after that.
373 : *
374 : * We put back the normal magic instead of the 'not random'
375 : * magic.
376 : */
377 :
378 1925226919 : tc->flags = talloc_magic |
379 1925204637 : ((tc->flags & TALLOC_FLAG_MASK) & ~TALLOC_FLAG_FREE);
380 1877995050 : }
381 :
382 : static void (*talloc_log_fn)(const char *message);
383 :
384 145239 : _PUBLIC_ void talloc_set_log_fn(void (*log_fn)(const char *message))
385 : {
386 145239 : talloc_log_fn = log_fn;
387 145239 : }
388 :
389 : #ifdef HAVE_CONSTRUCTOR_ATTRIBUTE
390 : #define CONSTRUCTOR __attribute__((constructor))
391 : #elif defined(HAVE_PRAGMA_INIT)
392 : #define CONSTRUCTOR
393 : #pragma init (talloc_lib_init)
394 : #endif
395 : #if defined(HAVE_CONSTRUCTOR_ATTRIBUTE) || defined(HAVE_PRAGMA_INIT)
396 : void talloc_lib_init(void) CONSTRUCTOR;
397 80630 : void talloc_lib_init(void)
398 : {
399 : uint32_t random_value;
400 : #if defined(HAVE_GETAUXVAL) && defined(AT_RANDOM)
401 : uint8_t *p;
402 : /*
403 : * Use the kernel-provided random values used for
404 : * ASLR. This won't change per-exec, which is ideal for us
405 : */
406 80630 : p = (uint8_t *) getauxval(AT_RANDOM);
407 80630 : if (p) {
408 : /*
409 : * We get 16 bytes from getauxval. By calling rand(),
410 : * a totally insecure PRNG, but one that will
411 : * deterministically have a different value when called
412 : * twice, we ensure that if two talloc-like libraries
413 : * are somehow loaded in the same address space, that
414 : * because we choose different bytes, we will keep the
415 : * protection against collision of multiple talloc
416 : * libs.
417 : *
418 : * This protection is important because the effects of
419 : * passing a talloc pointer from one to the other may
420 : * be very hard to determine.
421 : */
422 80630 : int offset = rand() % (16 - sizeof(random_value));
423 80630 : memcpy(&random_value, p + offset, sizeof(random_value));
424 : } else
425 : #endif
426 : {
427 : /*
428 : * Otherwise, hope the location we are loaded in
429 : * memory is randomised by someone else
430 : */
431 0 : random_value = ((uintptr_t)talloc_lib_init & 0xFFFFFFFF);
432 : }
433 80630 : talloc_magic = random_value & ~TALLOC_FLAG_MASK;
434 80630 : }
435 : #else
436 : #warning "No __attribute__((constructor)) support found on this platform, additional talloc security measures not available"
437 : #endif
438 :
439 14 : static void talloc_lib_atexit(void)
440 : {
441 14 : TALLOC_FREE(autofree_context);
442 :
443 14 : if (talloc_total_size(null_context) == 0) {
444 1 : return;
445 : }
446 :
447 12 : if (talloc_report_null_full) {
448 0 : talloc_report_full(null_context, stderr);
449 12 : } else if (talloc_report_null) {
450 12 : talloc_report(null_context, stderr);
451 : }
452 : }
453 :
454 16 : static void talloc_setup_atexit(void)
455 : {
456 : static bool done;
457 :
458 18 : if (done) {
459 3 : return;
460 : }
461 :
462 14 : atexit(talloc_lib_atexit);
463 14 : done = true;
464 : }
465 :
466 : static void talloc_log(const char *fmt, ...) PRINTF_ATTRIBUTE(1,2);
467 6 : static void talloc_log(const char *fmt, ...)
468 : {
469 : va_list ap;
470 : char *message;
471 :
472 6 : if (!talloc_log_fn) {
473 0 : return;
474 : }
475 :
476 6 : va_start(ap, fmt);
477 6 : message = talloc_vasprintf(NULL, fmt, ap);
478 6 : va_end(ap);
479 :
480 6 : talloc_log_fn(message);
481 6 : talloc_free(message);
482 : }
483 :
484 0 : static void talloc_log_stderr(const char *message)
485 : {
486 0 : fprintf(stderr, "%s", message);
487 0 : }
488 :
489 0 : _PUBLIC_ void talloc_set_log_stderr(void)
490 : {
491 0 : talloc_set_log_fn(talloc_log_stderr);
492 0 : }
493 :
494 : static void (*talloc_abort_fn)(const char *reason);
495 :
496 62880 : _PUBLIC_ void talloc_set_abort_fn(void (*abort_fn)(const char *reason))
497 : {
498 62880 : talloc_abort_fn = abort_fn;
499 62880 : }
500 :
501 0 : static void talloc_abort(const char *reason)
502 : {
503 0 : talloc_log("%s\n", reason);
504 :
505 0 : if (!talloc_abort_fn) {
506 0 : TALLOC_ABORT(reason);
507 : }
508 :
509 0 : talloc_abort_fn(reason);
510 0 : }
511 :
512 0 : static void talloc_abort_access_after_free(void)
513 : {
514 0 : talloc_abort("Bad talloc magic value - access after free");
515 0 : }
516 :
517 0 : static void talloc_abort_unknown_value(void)
518 : {
519 0 : talloc_abort("Bad talloc magic value - unknown value");
520 0 : }
521 :
522 : /* panic if we get a bad magic value */
523 92668452324 : static inline struct talloc_chunk *talloc_chunk_from_ptr(const void *ptr)
524 : {
525 92668452324 : const char *pp = (const char *)ptr;
526 92668452324 : struct talloc_chunk *tc = discard_const_p(struct talloc_chunk, pp - TC_HDR_SIZE);
527 92668452324 : if (unlikely((tc->flags & (TALLOC_FLAG_FREE | ~TALLOC_FLAG_MASK)) != talloc_magic)) {
528 0 : if ((tc->flags & (TALLOC_FLAG_FREE | ~TALLOC_FLAG_MASK))
529 : == (TALLOC_MAGIC_NON_RANDOM | TALLOC_FLAG_FREE)) {
530 0 : talloc_log("talloc: access after free error - first free may be at %s\n", tc->name);
531 0 : talloc_abort_access_after_free();
532 0 : return NULL;
533 : }
534 :
535 0 : talloc_abort_unknown_value();
536 0 : return NULL;
537 : }
538 90445426352 : return tc;
539 : }
540 :
541 : /* hook into the front of the list */
542 : #define _TLIST_ADD(list, p) \
543 : do { \
544 : if (!(list)) { \
545 : (list) = (p); \
546 : (p)->next = (p)->prev = NULL; \
547 : } else { \
548 : (list)->prev = (p); \
549 : (p)->next = (list); \
550 : (p)->prev = NULL; \
551 : (list) = (p); \
552 : }\
553 : } while (0)
554 :
555 : /* remove an element from a list - element doesn't have to be in list. */
556 : #define _TLIST_REMOVE(list, p) \
557 : do { \
558 : if ((p) == (list)) { \
559 : (list) = (p)->next; \
560 : if (list) (list)->prev = NULL; \
561 : } else { \
562 : if ((p)->prev) (p)->prev->next = (p)->next; \
563 : if ((p)->next) (p)->next->prev = (p)->prev; \
564 : } \
565 : if ((p) && ((p) != (list))) (p)->next = (p)->prev = NULL; \
566 : } while (0)
567 :
568 :
569 : /*
570 : return the parent chunk of a pointer
571 : */
572 2123092810 : static inline struct talloc_chunk *talloc_parent_chunk(const void *ptr)
573 : {
574 : struct talloc_chunk *tc;
575 :
576 2145647409 : if (unlikely(ptr == NULL)) {
577 456361 : return NULL;
578 : }
579 :
580 2145541255 : tc = talloc_chunk_from_ptr(ptr);
581 2565080225 : while (tc->prev) tc=tc->prev;
582 :
583 2145541255 : return tc->parent;
584 : }
585 :
586 1336125281 : _PUBLIC_ void *talloc_parent(const void *ptr)
587 : {
588 1336110637 : struct talloc_chunk *tc = talloc_parent_chunk(ptr);
589 1336110637 : return tc? TC_PTR_FROM_CHUNK(tc) : NULL;
590 : }
591 :
592 : /*
593 : find parents name
594 : */
595 0 : _PUBLIC_ const char *talloc_parent_name(const void *ptr)
596 : {
597 0 : struct talloc_chunk *tc = talloc_parent_chunk(ptr);
598 0 : return tc? tc->name : NULL;
599 : }
600 :
601 : /*
602 : A pool carries an in-pool object count count in the first 16 bytes.
603 : bytes. This is done to support talloc_steal() to a parent outside of the
604 : pool. The count includes the pool itself, so a talloc_free() on a pool will
605 : only destroy the pool if the count has dropped to zero. A talloc_free() of a
606 : pool member will reduce the count, and eventually also call free(3) on the
607 : pool memory.
608 :
609 : The object count is not put into "struct talloc_chunk" because it is only
610 : relevant for talloc pools and the alignment to 16 bytes would increase the
611 : memory footprint of each talloc chunk by those 16 bytes.
612 : */
613 :
614 : struct talloc_pool_hdr {
615 : void *end;
616 : unsigned int object_count;
617 : size_t poolsize;
618 : };
619 :
620 : union talloc_pool_hdr_cast_u {
621 : uint8_t *ptr;
622 : struct talloc_pool_hdr *hdr;
623 : };
624 :
625 : #define TP_HDR_SIZE TC_ALIGN16(sizeof(struct talloc_pool_hdr))
626 :
627 4507425850 : static inline struct talloc_pool_hdr *talloc_pool_from_chunk(struct talloc_chunk *c)
628 : {
629 4563689387 : union talloc_chunk_cast_u tcc = { .chunk = c };
630 4563689387 : union talloc_pool_hdr_cast_u tphc = { tcc.ptr - TP_HDR_SIZE };
631 4507425850 : return tphc.hdr;
632 : }
633 :
634 7606898690 : static inline struct talloc_chunk *talloc_chunk_from_pool(struct talloc_pool_hdr *h)
635 : {
636 8005372823 : union talloc_pool_hdr_cast_u tphc = { .hdr = h };
637 8005372823 : union talloc_chunk_cast_u tcc = { .ptr = tphc.ptr + TP_HDR_SIZE };
638 7606898690 : return tcc.chunk;
639 : }
640 :
641 4738897555 : static inline void *tc_pool_end(struct talloc_pool_hdr *pool_hdr)
642 : {
643 4939976019 : struct talloc_chunk *tc = talloc_chunk_from_pool(pool_hdr);
644 4939976019 : return (char *)tc + TC_HDR_SIZE + pool_hdr->poolsize;
645 : }
646 :
647 4714884029 : static inline size_t tc_pool_space_left(struct talloc_pool_hdr *pool_hdr)
648 : {
649 4915962477 : return (char *)tc_pool_end(pool_hdr) - (char *)pool_hdr->end;
650 : }
651 :
652 : /* If tc is inside a pool, this gives the next neighbour. */
653 2874504278 : static inline void *tc_next_chunk(struct talloc_chunk *tc)
654 : {
655 3071941476 : return (char *)tc + TC_ALIGN16(TC_HDR_SIZE + tc->size);
656 : }
657 :
658 806398751 : static inline void *tc_pool_first_chunk(struct talloc_pool_hdr *pool_hdr)
659 : {
660 855866442 : struct talloc_chunk *tc = talloc_chunk_from_pool(pool_hdr);
661 855866442 : return tc_next_chunk(tc);
662 : }
663 :
664 : /* Mark the whole remaining pool as not accessable */
665 1708061040 : static inline void tc_invalidate_pool(struct talloc_pool_hdr *pool_hdr)
666 : {
667 1708061040 : size_t flen = tc_pool_space_left(pool_hdr);
668 :
669 1708061040 : if (unlikely(talloc_fill.enabled)) {
670 0 : memset(pool_hdr->end, talloc_fill.fill_value, flen);
671 : }
672 :
673 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_NOACCESS)
674 : VALGRIND_MAKE_MEM_NOACCESS(pool_hdr->end, flen);
675 : #endif
676 1708061040 : }
677 :
678 : /*
679 : Allocate from a pool
680 : */
681 :
682 36715449448 : static inline struct talloc_chunk *tc_alloc_pool(struct talloc_chunk *parent,
683 : size_t size, size_t prefix_len)
684 : {
685 36715449448 : struct talloc_pool_hdr *pool_hdr = NULL;
686 : union talloc_chunk_cast_u tcc;
687 : size_t space_left;
688 : struct talloc_chunk *result;
689 : size_t chunk_size;
690 :
691 36715449448 : if (parent == NULL) {
692 0 : return NULL;
693 : }
694 :
695 36715449448 : if (parent->flags & TALLOC_FLAG_POOL) {
696 1981942487 : pool_hdr = talloc_pool_from_chunk(parent);
697 : }
698 34733506961 : else if (parent->flags & TALLOC_FLAG_POOLMEM) {
699 1221022201 : pool_hdr = parent->pool;
700 : }
701 :
702 35767707396 : if (pool_hdr == NULL) {
703 32564742708 : return NULL;
704 : }
705 :
706 3202964688 : space_left = tc_pool_space_left(pool_hdr);
707 :
708 : /*
709 : * Align size to 16 bytes
710 : */
711 3202964688 : chunk_size = TC_ALIGN16(size + prefix_len);
712 :
713 3202964688 : if (space_left < chunk_size) {
714 1008802286 : return NULL;
715 : }
716 :
717 2192171218 : tcc = (union talloc_chunk_cast_u) {
718 2192171218 : .ptr = ((uint8_t *)pool_hdr->end) + prefix_len
719 : };
720 2192171218 : result = tcc.chunk;
721 :
722 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_UNDEFINED)
723 : VALGRIND_MAKE_MEM_UNDEFINED(pool_hdr->end, chunk_size);
724 : #endif
725 :
726 2192171218 : pool_hdr->end = (void *)((char *)pool_hdr->end + chunk_size);
727 :
728 2192171218 : result->flags = talloc_magic | TALLOC_FLAG_POOLMEM;
729 2192171218 : result->pool = pool_hdr;
730 :
731 2192171218 : pool_hdr->object_count++;
732 :
733 2192171218 : return result;
734 : }
735 :
736 : /*
737 : Allocate a bit of memory as a child of an existing pointer
738 : */
739 36939077723 : static inline void *__talloc_with_prefix(const void *context,
740 : size_t size,
741 : size_t prefix_len,
742 : struct talloc_chunk **tc_ret)
743 : {
744 36939077723 : struct talloc_chunk *tc = NULL;
745 36939077723 : struct talloc_memlimit *limit = NULL;
746 36939077723 : size_t total_len = TC_HDR_SIZE + size + prefix_len;
747 36939077723 : struct talloc_chunk *parent = NULL;
748 :
749 36939077723 : if (unlikely(context == NULL)) {
750 408530295 : context = null_context;
751 : }
752 :
753 36939077723 : if (unlikely(size >= MAX_TALLOC_SIZE)) {
754 1 : return NULL;
755 : }
756 :
757 36939077721 : if (unlikely(total_len < TC_HDR_SIZE)) {
758 0 : return NULL;
759 : }
760 :
761 36939077721 : if (likely(context != NULL)) {
762 36701448431 : parent = talloc_chunk_from_ptr(context);
763 :
764 36701448431 : if (parent->limit != NULL) {
765 50 : limit = parent->limit;
766 : }
767 :
768 36701448431 : tc = tc_alloc_pool(parent, TC_HDR_SIZE+size, prefix_len);
769 : }
770 :
771 36939077721 : if (tc == NULL) {
772 33770527789 : uint8_t *ptr = NULL;
773 : union talloc_chunk_cast_u tcc;
774 :
775 : /*
776 : * Only do the memlimit check/update on actual allocation.
777 : */
778 34747086815 : if (!talloc_memlimit_check(limit, total_len)) {
779 12 : errno = ENOMEM;
780 18 : return NULL;
781 : }
782 :
783 34747086803 : ptr = malloc(total_len);
784 34747086803 : if (unlikely(ptr == NULL)) {
785 0 : return NULL;
786 : }
787 34747086803 : tcc = (union talloc_chunk_cast_u) { .ptr = ptr + prefix_len };
788 34747086803 : tc = tcc.chunk;
789 34747086803 : tc->flags = talloc_magic;
790 34747086803 : tc->pool = NULL;
791 :
792 33770527783 : talloc_memlimit_grow(limit, total_len);
793 : }
794 :
795 36939077709 : tc->limit = limit;
796 36939077709 : tc->size = size;
797 36939077709 : tc->destructor = NULL;
798 36939077709 : tc->child = NULL;
799 36939077709 : tc->name = NULL;
800 36939077709 : tc->refs = NULL;
801 :
802 36939077709 : if (likely(context != NULL)) {
803 36701448419 : if (parent->child) {
804 25652774576 : parent->child->parent = NULL;
805 25652774576 : tc->next = parent->child;
806 25652774576 : tc->next->prev = tc;
807 : } else {
808 11048673843 : tc->next = NULL;
809 : }
810 36701448419 : tc->parent = parent;
811 36701448419 : tc->prev = NULL;
812 36701448419 : parent->child = tc;
813 : } else {
814 237629290 : tc->next = tc->prev = tc->parent = NULL;
815 : }
816 :
817 36939077709 : *tc_ret = tc;
818 36939077709 : return TC_PTR_FROM_CHUNK(tc);
819 : }
820 :
821 34952029682 : static inline void *__talloc(const void *context,
822 : size_t size,
823 : struct talloc_chunk **tc)
824 : {
825 36075148614 : return __talloc_with_prefix(context, size, 0, tc);
826 : }
827 :
828 : /*
829 : * Create a talloc pool
830 : */
831 :
832 863929109 : static inline void *_talloc_pool(const void *context, size_t size)
833 : {
834 : struct talloc_chunk *tc;
835 : struct talloc_pool_hdr *pool_hdr;
836 : void *result;
837 :
838 863929109 : result = __talloc_with_prefix(context, size, TP_HDR_SIZE, &tc);
839 :
840 863929109 : if (unlikely(result == NULL)) {
841 0 : return NULL;
842 : }
843 :
844 865443800 : pool_hdr = talloc_pool_from_chunk(tc);
845 :
846 863929109 : tc->flags |= TALLOC_FLAG_POOL;
847 863929109 : tc->size = 0;
848 :
849 863929109 : pool_hdr->object_count = 1;
850 863929109 : pool_hdr->end = result;
851 863929109 : pool_hdr->poolsize = size;
852 :
853 863929109 : tc_invalidate_pool(pool_hdr);
854 :
855 863929109 : return result;
856 : }
857 :
858 5296603 : _PUBLIC_ void *talloc_pool(const void *context, size_t size)
859 : {
860 5296603 : return _talloc_pool(context, size);
861 : }
862 :
863 : /*
864 : * Create a talloc pool correctly sized for a basic size plus
865 : * a number of subobjects whose total size is given. Essentially
866 : * a custom allocator for talloc to reduce fragmentation.
867 : */
868 :
869 858632506 : _PUBLIC_ void *_talloc_pooled_object(const void *ctx,
870 : size_t type_size,
871 : const char *type_name,
872 : unsigned num_subobjects,
873 : size_t total_subobjects_size)
874 : {
875 : size_t poolsize, subobjects_slack, tmp;
876 : struct talloc_chunk *tc;
877 : struct talloc_pool_hdr *pool_hdr;
878 : void *ret;
879 :
880 858632506 : poolsize = type_size + total_subobjects_size;
881 :
882 858632506 : if ((poolsize < type_size) || (poolsize < total_subobjects_size)) {
883 0 : goto overflow;
884 : }
885 :
886 858632506 : if (num_subobjects == UINT_MAX) {
887 0 : goto overflow;
888 : }
889 858632506 : num_subobjects += 1; /* the object body itself */
890 :
891 : /*
892 : * Alignment can increase the pool size by at most 15 bytes per object
893 : * plus alignment for the object itself
894 : */
895 858632506 : subobjects_slack = (TC_HDR_SIZE + TP_HDR_SIZE + 15) * num_subobjects;
896 858632506 : if (subobjects_slack < num_subobjects) {
897 0 : goto overflow;
898 : }
899 :
900 858632506 : tmp = poolsize + subobjects_slack;
901 1682062798 : if ((tmp < poolsize) || (tmp < subobjects_slack)) {
902 0 : goto overflow;
903 : }
904 858632506 : poolsize = tmp;
905 :
906 858632506 : ret = _talloc_pool(ctx, poolsize);
907 858632506 : if (ret == NULL) {
908 0 : return NULL;
909 : }
910 :
911 858632506 : tc = talloc_chunk_from_ptr(ret);
912 858632506 : tc->size = type_size;
913 :
914 858632506 : pool_hdr = talloc_pool_from_chunk(tc);
915 :
916 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_UNDEFINED)
917 : VALGRIND_MAKE_MEM_UNDEFINED(pool_hdr->end, type_size);
918 : #endif
919 :
920 858632506 : pool_hdr->end = ((char *)pool_hdr->end + TC_ALIGN16(type_size));
921 :
922 860097108 : _tc_set_name_const(tc, type_name);
923 858632506 : return ret;
924 :
925 1464602 : overflow:
926 0 : return NULL;
927 : }
928 :
929 : /*
930 : setup a destructor to be called on free of a pointer
931 : the destructor should return 0 on success, or -1 on failure.
932 : if the destructor fails then the free is failed, and the memory can
933 : be continued to be used
934 : */
935 3569746313 : _PUBLIC_ void _talloc_set_destructor(const void *ptr, int (*destructor)(void *))
936 : {
937 3569746313 : struct talloc_chunk *tc = talloc_chunk_from_ptr(ptr);
938 3569745950 : tc->destructor = destructor;
939 3569745950 : }
940 :
941 : /*
942 : increase the reference count on a piece of memory.
943 : */
944 10 : _PUBLIC_ int talloc_increase_ref_count(const void *ptr)
945 : {
946 10 : if (unlikely(!talloc_reference(null_context, ptr))) {
947 0 : return -1;
948 : }
949 10 : return 0;
950 : }
951 :
952 : /*
953 : helper for talloc_reference()
954 :
955 : this is referenced by a function pointer and should not be inline
956 : */
957 224200851 : static int talloc_reference_destructor(struct talloc_reference_handle *handle)
958 : {
959 224200851 : struct talloc_chunk *ptr_tc = talloc_chunk_from_ptr(handle->ptr);
960 224200851 : _TLIST_REMOVE(ptr_tc->refs, handle);
961 224200851 : return 0;
962 : }
963 :
964 : /*
965 : more efficient way to add a name to a pointer - the name must point to a
966 : true string constant
967 : */
968 42832957549 : static inline void _tc_set_name_const(struct talloc_chunk *tc,
969 : const char *name)
970 : {
971 44078874237 : tc->name = name;
972 42832957549 : }
973 :
974 : /*
975 : internal talloc_named_const()
976 : */
977 26782895308 : static inline void *_talloc_named_const(const void *context, size_t size, const char *name)
978 : {
979 : void *ptr;
980 : struct talloc_chunk *tc;
981 :
982 27649017271 : ptr = __talloc(context, size, &tc);
983 27649017271 : if (unlikely(ptr == NULL)) {
984 6 : return NULL;
985 : }
986 :
987 28515139216 : _tc_set_name_const(tc, name);
988 :
989 26782895302 : return ptr;
990 : }
991 :
992 : /*
993 : make a secondary reference to a pointer, hanging off the given context.
994 : the pointer remains valid until both the original caller and this given
995 : context are freed.
996 :
997 : the major use for this is when two different structures need to reference the
998 : same underlying data, and you want to be able to free the two instances separately,
999 : and in either order
1000 : */
1001 225339458 : _PUBLIC_ void *_talloc_reference_loc(const void *context, const void *ptr, const char *location)
1002 : {
1003 : struct talloc_chunk *tc;
1004 : struct talloc_reference_handle *handle;
1005 225339458 : if (unlikely(ptr == NULL)) return NULL;
1006 :
1007 224427752 : tc = talloc_chunk_from_ptr(ptr);
1008 224427752 : handle = (struct talloc_reference_handle *)_talloc_named_const(context,
1009 : sizeof(struct talloc_reference_handle),
1010 : TALLOC_MAGIC_REFERENCE);
1011 224427752 : if (unlikely(handle == NULL)) return NULL;
1012 :
1013 : /* note that we hang the destructor off the handle, not the
1014 : main context as that allows the caller to still setup their
1015 : own destructor on the context if they want to */
1016 224427752 : talloc_set_destructor(handle, talloc_reference_destructor);
1017 224427752 : handle->ptr = discard_const_p(void, ptr);
1018 224427752 : handle->location = location;
1019 224427752 : _TLIST_ADD(tc->refs, handle);
1020 224427752 : return handle->ptr;
1021 : }
1022 :
1023 : static void *_talloc_steal_internal(const void *new_ctx, const void *ptr);
1024 :
1025 2179724644 : static inline void _tc_free_poolmem(struct talloc_chunk *tc,
1026 : const char *location)
1027 : {
1028 : struct talloc_pool_hdr *pool;
1029 : struct talloc_chunk *pool_tc;
1030 : void *next_tc;
1031 :
1032 2179724645 : pool = tc->pool;
1033 2179724645 : pool_tc = talloc_chunk_from_pool(pool);
1034 2179724645 : next_tc = tc_next_chunk(tc);
1035 :
1036 2327613332 : _talloc_chunk_set_free(tc, location);
1037 :
1038 2179724645 : TC_INVALIDATE_FULL_CHUNK(tc);
1039 :
1040 2179724645 : if (unlikely(pool->object_count == 0)) {
1041 0 : talloc_abort("Pool object count zero!");
1042 0 : return;
1043 : }
1044 :
1045 2179724645 : pool->object_count--;
1046 :
1047 2179724645 : if (unlikely(pool->object_count == 1
1048 : && !(pool_tc->flags & TALLOC_FLAG_FREE))) {
1049 : /*
1050 : * if there is just one object left in the pool
1051 : * and pool->flags does not have TALLOC_FLAG_FREE,
1052 : * it means this is the pool itself and
1053 : * the rest is available for new objects
1054 : * again.
1055 : */
1056 831852900 : pool->end = tc_pool_first_chunk(pool);
1057 831852900 : tc_invalidate_pool(pool);
1058 831852900 : return;
1059 : }
1060 :
1061 1347871745 : if (unlikely(pool->object_count == 0)) {
1062 : /*
1063 : * we mark the freed memory with where we called the free
1064 : * from. This means on a double free error we can report where
1065 : * the first free came from
1066 : */
1067 89572598 : pool_tc->name = location;
1068 :
1069 89572598 : if (pool_tc->flags & TALLOC_FLAG_POOLMEM) {
1070 5561 : _tc_free_poolmem(pool_tc, location);
1071 : } else {
1072 : /*
1073 : * The tc_memlimit_update_on_free()
1074 : * call takes into account the
1075 : * prefix TP_HDR_SIZE allocated before
1076 : * the pool talloc_chunk.
1077 : */
1078 89567036 : tc_memlimit_update_on_free(pool_tc);
1079 89567036 : TC_INVALIDATE_FULL_CHUNK(pool_tc);
1080 89567036 : free(pool);
1081 : }
1082 89360770 : return;
1083 : }
1084 :
1085 1258299147 : if (pool->end == next_tc) {
1086 : /*
1087 : * if pool->pool still points to end of
1088 : * 'tc' (which is stored in the 'next_tc' variable),
1089 : * we can reclaim the memory of 'tc'.
1090 : */
1091 409641356 : pool->end = tc;
1092 409641356 : return;
1093 : }
1094 :
1095 : /*
1096 : * Do nothing. The memory is just "wasted", waiting for the pool
1097 : * itself to be freed.
1098 : */
1099 : }
1100 :
1101 : static inline void _tc_free_children_internal(struct talloc_chunk *tc,
1102 : void *ptr,
1103 : const char *location);
1104 :
1105 : static inline int _talloc_free_internal(void *ptr, const char *location);
1106 :
1107 : /*
1108 : internal free call that takes a struct talloc_chunk *.
1109 : */
1110 36790908921 : static inline int _tc_free_internal(struct talloc_chunk *tc,
1111 : const char *location)
1112 : {
1113 : void *ptr_to_free;
1114 36790908921 : void *ptr = TC_PTR_FROM_CHUNK(tc);
1115 :
1116 36790908921 : if (unlikely(tc->refs)) {
1117 : int is_child;
1118 : /* check if this is a reference from a child or
1119 : * grandchild back to it's parent or grandparent
1120 : *
1121 : * in that case we need to remove the reference and
1122 : * call another instance of talloc_free() on the current
1123 : * pointer.
1124 : */
1125 20588631 : is_child = talloc_is_parent(tc->refs, ptr);
1126 20588631 : _talloc_free_internal(tc->refs, location);
1127 20588631 : if (is_child) {
1128 27682 : return _talloc_free_internal(ptr, location);
1129 : }
1130 18181152 : return -1;
1131 : }
1132 :
1133 36770320290 : if (unlikely(tc->flags & TALLOC_FLAG_LOOP)) {
1134 : /* we have a free loop - stop looping */
1135 390 : return 0;
1136 : }
1137 :
1138 36770319899 : if (unlikely(tc->destructor)) {
1139 2323223917 : talloc_destructor_t d = tc->destructor;
1140 :
1141 : /*
1142 : * Protect the destructor against some overwrite
1143 : * attacks, by explicitly checking it has the right
1144 : * magic here.
1145 : */
1146 2323223917 : if (talloc_chunk_from_ptr(ptr) != tc) {
1147 : /*
1148 : * This can't actually happen, the
1149 : * call itself will panic.
1150 : */
1151 0 : TALLOC_ABORT("talloc_chunk_from_ptr failed!");
1152 : }
1153 :
1154 2323223917 : if (d == (talloc_destructor_t)-1) {
1155 600736 : return -1;
1156 : }
1157 2322623072 : tc->destructor = (talloc_destructor_t)-1;
1158 2322623072 : if (d(ptr) == -1) {
1159 : /*
1160 : * Only replace the destructor pointer if
1161 : * calling the destructor didn't modify it.
1162 : */
1163 405311725 : if (tc->destructor == (talloc_destructor_t)-1) {
1164 405310059 : tc->destructor = d;
1165 : }
1166 401082367 : return -1;
1167 : }
1168 1917311347 : tc->destructor = NULL;
1169 : }
1170 :
1171 36364407329 : if (tc->parent) {
1172 32917064874 : _TLIST_REMOVE(tc->parent->child, tc);
1173 32917064874 : if (tc->parent->child) {
1174 21911392285 : tc->parent->child->parent = tc->parent;
1175 : }
1176 : } else {
1177 3447342455 : if (tc->prev) tc->prev->next = tc->next;
1178 3447342455 : if (tc->next) tc->next->prev = tc->prev;
1179 3447342455 : tc->prev = tc->next = NULL;
1180 : }
1181 :
1182 36364407329 : tc->flags |= TALLOC_FLAG_LOOP;
1183 :
1184 36364407329 : _tc_free_children_internal(tc, ptr, location);
1185 :
1186 37473461624 : _talloc_chunk_set_free(tc, location);
1187 :
1188 36364407329 : if (tc->flags & TALLOC_FLAG_POOL) {
1189 : struct talloc_pool_hdr *pool;
1190 :
1191 859185283 : pool = talloc_pool_from_chunk(tc);
1192 :
1193 859185283 : if (unlikely(pool->object_count == 0)) {
1194 0 : talloc_abort("Pool object count zero!");
1195 0 : return 0;
1196 : }
1197 :
1198 859185283 : pool->object_count--;
1199 :
1200 859185283 : if (likely(pool->object_count != 0)) {
1201 89374568 : return 0;
1202 : }
1203 :
1204 : /*
1205 : * With object_count==0, a pool becomes a normal piece of
1206 : * memory to free. If it's allocated inside a pool, it needs
1207 : * to be freed as poolmem, else it needs to be just freed.
1208 : */
1209 768365216 : ptr_to_free = pool;
1210 : } else {
1211 34397613250 : ptr_to_free = tc;
1212 : }
1213 :
1214 36274820924 : if (tc->flags & TALLOC_FLAG_POOLMEM) {
1215 2165718072 : _tc_free_poolmem(tc, location);
1216 2165718072 : return 0;
1217 : }
1218 :
1219 34109102852 : tc_memlimit_update_on_free(tc);
1220 :
1221 34109102852 : TC_INVALIDATE_FULL_CHUNK(tc);
1222 34109102852 : free(ptr_to_free);
1223 34109102852 : return 0;
1224 : }
1225 :
1226 : /*
1227 : internal talloc_free call
1228 : */
1229 8444322879 : static inline int _talloc_free_internal(void *ptr, const char *location)
1230 : {
1231 : struct talloc_chunk *tc;
1232 :
1233 8444322879 : if (unlikely(ptr == NULL)) {
1234 0 : return -1;
1235 : }
1236 :
1237 : /* possibly initialised the talloc fill value */
1238 8444322879 : if (unlikely(!talloc_fill.initialised)) {
1239 72757 : const char *fill = getenv(TALLOC_FILL_ENV);
1240 72757 : if (fill != NULL) {
1241 0 : talloc_fill.enabled = true;
1242 0 : talloc_fill.fill_value = strtoul(fill, NULL, 0);
1243 : }
1244 72757 : talloc_fill.initialised = true;
1245 : }
1246 :
1247 8444322879 : tc = talloc_chunk_from_ptr(ptr);
1248 8444322879 : return _tc_free_internal(tc, location);
1249 : }
1250 :
1251 : static inline size_t _talloc_total_limit_size(const void *ptr,
1252 : struct talloc_memlimit *old_limit,
1253 : struct talloc_memlimit *new_limit);
1254 :
1255 : /*
1256 : move a lump of memory from one talloc context to another return the
1257 : ptr on success, or NULL if it could not be transferred.
1258 : passing NULL as ptr will always return NULL with no side effects.
1259 : */
1260 2194257298 : static void *_talloc_steal_internal(const void *new_ctx, const void *ptr)
1261 : {
1262 : struct talloc_chunk *tc, *new_tc;
1263 2194257298 : size_t ctx_size = 0;
1264 :
1265 2194257298 : if (unlikely(!ptr)) {
1266 0 : return NULL;
1267 : }
1268 :
1269 2194257298 : if (unlikely(new_ctx == NULL)) {
1270 21257610 : new_ctx = null_context;
1271 : }
1272 :
1273 2194257298 : tc = talloc_chunk_from_ptr(ptr);
1274 :
1275 2194257298 : if (tc->limit != NULL) {
1276 :
1277 4 : ctx_size = _talloc_total_limit_size(ptr, NULL, NULL);
1278 :
1279 : /* Decrement the memory limit from the source .. */
1280 6 : talloc_memlimit_shrink(tc->limit->upper, ctx_size);
1281 :
1282 4 : if (tc->limit->parent == tc) {
1283 0 : tc->limit->upper = NULL;
1284 : } else {
1285 4 : tc->limit = NULL;
1286 : }
1287 : }
1288 :
1289 2194257298 : if (unlikely(new_ctx == NULL)) {
1290 20809854 : if (tc->parent) {
1291 20800118 : _TLIST_REMOVE(tc->parent->child, tc);
1292 20800118 : if (tc->parent->child) {
1293 141168 : tc->parent->child->parent = tc->parent;
1294 : }
1295 : } else {
1296 9736 : if (tc->prev) tc->prev->next = tc->next;
1297 9736 : if (tc->next) tc->next->prev = tc->prev;
1298 : }
1299 :
1300 20809854 : tc->parent = tc->next = tc->prev = NULL;
1301 20809854 : return discard_const_p(void, ptr);
1302 : }
1303 :
1304 2173447444 : new_tc = talloc_chunk_from_ptr(new_ctx);
1305 :
1306 2173447444 : if (unlikely(tc == new_tc || tc->parent == new_tc)) {
1307 76135826 : return discard_const_p(void, ptr);
1308 : }
1309 :
1310 2094037135 : if (tc->parent) {
1311 1595575919 : _TLIST_REMOVE(tc->parent->child, tc);
1312 1595575919 : if (tc->parent->child) {
1313 304798972 : tc->parent->child->parent = tc->parent;
1314 : }
1315 : } else {
1316 498461216 : if (tc->prev) tc->prev->next = tc->next;
1317 498461216 : if (tc->next) tc->next->prev = tc->prev;
1318 498461216 : tc->prev = tc->next = NULL;
1319 : }
1320 :
1321 2094037135 : tc->parent = new_tc;
1322 2094037135 : if (new_tc->child) new_tc->child->parent = NULL;
1323 2094037135 : _TLIST_ADD(new_tc->child, tc);
1324 :
1325 2094037135 : if (tc->limit || new_tc->limit) {
1326 6 : ctx_size = _talloc_total_limit_size(ptr, tc->limit,
1327 : new_tc->limit);
1328 : /* .. and increment it in the destination. */
1329 4 : if (new_tc->limit) {
1330 2 : talloc_memlimit_grow(new_tc->limit, ctx_size);
1331 : }
1332 : }
1333 :
1334 2046459198 : return discard_const_p(void, ptr);
1335 : }
1336 :
1337 : /*
1338 : move a lump of memory from one talloc context to another return the
1339 : ptr on success, or NULL if it could not be transferred.
1340 : passing NULL as ptr will always return NULL with no side effects.
1341 : */
1342 3252526478 : _PUBLIC_ void *_talloc_steal_loc(const void *new_ctx, const void *ptr, const char *location)
1343 : {
1344 : struct talloc_chunk *tc;
1345 :
1346 3252526478 : if (unlikely(ptr == NULL)) {
1347 1389411915 : return NULL;
1348 : }
1349 :
1350 1822218909 : tc = talloc_chunk_from_ptr(ptr);
1351 :
1352 1822218909 : if (unlikely(tc->refs != NULL) && talloc_parent(ptr) != new_ctx) {
1353 : struct talloc_reference_handle *h;
1354 :
1355 0 : talloc_log("WARNING: talloc_steal with references at %s\n",
1356 : location);
1357 :
1358 0 : for (h=tc->refs; h; h=h->next) {
1359 0 : talloc_log("\treference at %s\n",
1360 : h->location);
1361 : }
1362 : }
1363 :
1364 : #if 0
1365 : /* this test is probably too expensive to have on in the
1366 : normal build, but it useful for debugging */
1367 : if (talloc_is_parent(new_ctx, ptr)) {
1368 : talloc_log("WARNING: stealing into talloc child at %s\n", location);
1369 : }
1370 : #endif
1371 :
1372 1822218909 : return _talloc_steal_internal(new_ctx, ptr);
1373 : }
1374 :
1375 : /*
1376 : this is like a talloc_steal(), but you must supply the old
1377 : parent. This resolves the ambiguity in a talloc_steal() which is
1378 : called on a context that has more than one parent (via references)
1379 :
1380 : The old parent can be either a reference or a parent
1381 : */
1382 7911327 : _PUBLIC_ void *talloc_reparent(const void *old_parent, const void *new_parent, const void *ptr)
1383 : {
1384 : struct talloc_chunk *tc;
1385 : struct talloc_reference_handle *h;
1386 :
1387 7911327 : if (unlikely(ptr == NULL)) {
1388 4445685 : return NULL;
1389 : }
1390 :
1391 3374499 : if (old_parent == talloc_parent(ptr)) {
1392 3225672 : return _talloc_steal_internal(new_parent, ptr);
1393 : }
1394 :
1395 148827 : tc = talloc_chunk_from_ptr(ptr);
1396 148827 : for (h=tc->refs;h;h=h->next) {
1397 0 : if (talloc_parent(h) == old_parent) {
1398 0 : if (_talloc_steal_internal(new_parent, h) != h) {
1399 0 : return NULL;
1400 : }
1401 0 : return discard_const_p(void, ptr);
1402 : }
1403 : }
1404 :
1405 : /* it wasn't a parent */
1406 147502 : return NULL;
1407 : }
1408 :
1409 : /*
1410 : remove a secondary reference to a pointer. This undo's what
1411 : talloc_reference() has done. The context and pointer arguments
1412 : must match those given to a talloc_reference()
1413 : */
1414 72220460 : static inline int talloc_unreference(const void *context, const void *ptr)
1415 : {
1416 72220460 : struct talloc_chunk *tc = talloc_chunk_from_ptr(ptr);
1417 : struct talloc_reference_handle *h;
1418 :
1419 72220460 : if (unlikely(context == NULL)) {
1420 65203164 : context = null_context;
1421 : }
1422 :
1423 74781982 : for (h=tc->refs;h;h=h->next) {
1424 5118573 : struct talloc_chunk *p = talloc_parent_chunk(h);
1425 5118573 : if (p == NULL) {
1426 0 : if (context == NULL) break;
1427 5118573 : } else if (TC_PTR_FROM_CHUNK(p) == context) {
1428 2374472 : break;
1429 : }
1430 : }
1431 72220460 : if (h == NULL) {
1432 63358200 : return -1;
1433 : }
1434 :
1435 2557051 : return _talloc_free_internal(h, __location__);
1436 : }
1437 :
1438 : /*
1439 : remove a specific parent context from a pointer. This is a more
1440 : controlled variant of talloc_free()
1441 : */
1442 :
1443 : /* coverity[ -tainted_data_sink : arg-1 ] */
1444 71998656 : _PUBLIC_ int talloc_unlink(const void *context, void *ptr)
1445 : {
1446 : struct talloc_chunk *tc_p, *new_p, *tc_c;
1447 : void *new_parent;
1448 :
1449 71998656 : if (ptr == NULL) {
1450 2181561 : return -1;
1451 : }
1452 :
1453 69688556 : if (context == NULL) {
1454 65759345 : context = null_context;
1455 : }
1456 :
1457 69688556 : if (talloc_unreference(context, ptr) == 0) {
1458 24823 : return 0;
1459 : }
1460 :
1461 69663409 : if (context != NULL) {
1462 4460245 : tc_c = talloc_chunk_from_ptr(context);
1463 : } else {
1464 59090457 : tc_c = NULL;
1465 : }
1466 69663409 : if (tc_c != talloc_parent_chunk(ptr)) {
1467 110857 : return -1;
1468 : }
1469 :
1470 69551535 : tc_p = talloc_chunk_from_ptr(ptr);
1471 :
1472 69551535 : if (tc_p->refs == NULL) {
1473 67019631 : return _talloc_free_internal(ptr, __location__);
1474 : }
1475 :
1476 2531904 : new_p = talloc_parent_chunk(tc_p->refs);
1477 2531904 : if (new_p) {
1478 2531904 : new_parent = TC_PTR_FROM_CHUNK(new_p);
1479 : } else {
1480 0 : new_parent = NULL;
1481 : }
1482 :
1483 2531904 : if (talloc_unreference(new_parent, ptr) != 0) {
1484 0 : return -1;
1485 : }
1486 :
1487 2531904 : _talloc_steal_internal(new_parent, ptr);
1488 :
1489 2531904 : return 0;
1490 : }
1491 :
1492 : /*
1493 : add a name to an existing pointer - va_list version
1494 : */
1495 : static inline const char *tc_set_name_v(struct talloc_chunk *tc,
1496 : const char *fmt,
1497 : va_list ap) PRINTF_ATTRIBUTE(2,0);
1498 :
1499 19872711 : static inline const char *tc_set_name_v(struct talloc_chunk *tc,
1500 : const char *fmt,
1501 : va_list ap)
1502 : {
1503 24329847 : struct talloc_chunk *name_tc = _vasprintf_tc(TC_PTR_FROM_CHUNK(tc),
1504 : fmt,
1505 : ap);
1506 24329847 : if (likely(name_tc)) {
1507 24329847 : tc->name = TC_PTR_FROM_CHUNK(name_tc);
1508 24329847 : _tc_set_name_const(name_tc, ".name");
1509 : } else {
1510 0 : tc->name = NULL;
1511 : }
1512 24329847 : return tc->name;
1513 : }
1514 :
1515 : /*
1516 : add a name to an existing pointer
1517 : */
1518 13144639 : _PUBLIC_ const char *talloc_set_name(const void *ptr, const char *fmt, ...)
1519 : {
1520 13144639 : struct talloc_chunk *tc = talloc_chunk_from_ptr(ptr);
1521 : const char *name;
1522 : va_list ap;
1523 13144639 : va_start(ap, fmt);
1524 13144639 : name = tc_set_name_v(tc, fmt, ap);
1525 13144639 : va_end(ap);
1526 13144639 : return name;
1527 : }
1528 :
1529 :
1530 : /*
1531 : create a named talloc pointer. Any talloc pointer can be named, and
1532 : talloc_named() operates just like talloc() except that it allows you
1533 : to name the pointer.
1534 : */
1535 9811688 : _PUBLIC_ void *talloc_named(const void *context, size_t size, const char *fmt, ...)
1536 : {
1537 : va_list ap;
1538 : void *ptr;
1539 : const char *name;
1540 : struct talloc_chunk *tc;
1541 :
1542 9811688 : ptr = __talloc(context, size, &tc);
1543 9811688 : if (unlikely(ptr == NULL)) return NULL;
1544 :
1545 9811688 : va_start(ap, fmt);
1546 13962621 : name = tc_set_name_v(tc, fmt, ap);
1547 9811688 : va_end(ap);
1548 :
1549 9811688 : if (unlikely(name == NULL)) {
1550 0 : _talloc_free_internal(ptr, __location__);
1551 0 : return NULL;
1552 : }
1553 :
1554 5660755 : return ptr;
1555 : }
1556 :
1557 : /*
1558 : return the name of a talloc ptr, or "UNNAMED"
1559 : */
1560 12007151425 : static inline const char *__talloc_get_name(const void *ptr)
1561 : {
1562 12229885553 : struct talloc_chunk *tc = talloc_chunk_from_ptr(ptr);
1563 12229881701 : if (unlikely(tc->name == TALLOC_MAGIC_REFERENCE)) {
1564 0 : return ".reference";
1565 : }
1566 12229881701 : if (likely(tc->name)) {
1567 12007147538 : return tc->name;
1568 : }
1569 35 : return "UNNAMED";
1570 : }
1571 :
1572 1839647 : _PUBLIC_ const char *talloc_get_name(const void *ptr)
1573 : {
1574 1839647 : return __talloc_get_name(ptr);
1575 : }
1576 :
1577 : /*
1578 : check if a pointer has the given name. If it does, return the pointer,
1579 : otherwise return NULL
1580 : */
1581 6769145607 : _PUBLIC_ void *talloc_check_name(const void *ptr, const char *name)
1582 : {
1583 : const char *pname;
1584 6769145607 : if (unlikely(ptr == NULL)) return NULL;
1585 6757560195 : pname = __talloc_get_name(ptr);
1586 6757560195 : if (likely(pname == name || strcmp(pname, name) == 0)) {
1587 6429929163 : return discard_const_p(void, ptr);
1588 : }
1589 160731184 : return NULL;
1590 : }
1591 :
1592 0 : static void talloc_abort_type_mismatch(const char *location,
1593 : const char *name,
1594 : const char *expected)
1595 : {
1596 : const char *reason;
1597 :
1598 0 : reason = talloc_asprintf(NULL,
1599 : "%s: Type mismatch: name[%s] expected[%s]",
1600 : location,
1601 : name?name:"NULL",
1602 : expected);
1603 0 : if (!reason) {
1604 0 : reason = "Type mismatch";
1605 : }
1606 :
1607 0 : talloc_abort(reason);
1608 0 : }
1609 :
1610 5470486461 : _PUBLIC_ void *_talloc_get_type_abort(const void *ptr, const char *name, const char *location)
1611 : {
1612 : const char *pname;
1613 :
1614 5470486461 : if (unlikely(ptr == NULL)) {
1615 0 : talloc_abort_type_mismatch(location, NULL, name);
1616 0 : return NULL;
1617 : }
1618 :
1619 5470486461 : pname = __talloc_get_name(ptr);
1620 5470479859 : if (likely(pname == name || strcmp(pname, name) == 0)) {
1621 5414868617 : return discard_const_p(void, ptr);
1622 : }
1623 :
1624 0 : talloc_abort_type_mismatch(location, pname, name);
1625 0 : return NULL;
1626 : }
1627 :
1628 : /*
1629 : this is for compatibility with older versions of talloc
1630 : */
1631 1373520 : _PUBLIC_ void *talloc_init(const char *fmt, ...)
1632 : {
1633 : va_list ap;
1634 : void *ptr;
1635 : const char *name;
1636 : struct talloc_chunk *tc;
1637 :
1638 1373520 : ptr = __talloc(NULL, 0, &tc);
1639 1373520 : if (unlikely(ptr == NULL)) return NULL;
1640 :
1641 1373520 : va_start(ap, fmt);
1642 1454870 : name = tc_set_name_v(tc, fmt, ap);
1643 1373520 : va_end(ap);
1644 :
1645 1373520 : if (unlikely(name == NULL)) {
1646 0 : _talloc_free_internal(ptr, __location__);
1647 0 : return NULL;
1648 : }
1649 :
1650 1292170 : return ptr;
1651 : }
1652 :
1653 36957422216 : static inline void _tc_free_children_internal(struct talloc_chunk *tc,
1654 : void *ptr,
1655 : const char *location)
1656 : {
1657 96715031984 : while (tc->child) {
1658 : /* we need to work out who will own an abandoned child
1659 : if it cannot be freed. In priority order, the first
1660 : choice is owner of any remaining reference to this
1661 : pointer, the second choice is our parent, and the
1662 : final choice is the null context. */
1663 28346586042 : void *child = TC_PTR_FROM_CHUNK(tc->child);
1664 28346586042 : const void *new_parent = null_context;
1665 28346586042 : if (unlikely(tc->child->refs)) {
1666 22950631 : struct talloc_chunk *p = talloc_parent_chunk(tc->child->refs);
1667 20570748 : if (p) new_parent = TC_PTR_FROM_CHUNK(p);
1668 : }
1669 28346586042 : if (unlikely(_tc_free_internal(tc->child, location) == -1)) {
1670 366282479 : if (talloc_parent_chunk(child) != tc) {
1671 : /*
1672 : * Destructor already reparented this child.
1673 : * No further reparenting needed.
1674 : */
1675 1666 : continue;
1676 : }
1677 366280813 : if (new_parent == null_context) {
1678 345719866 : struct talloc_chunk *p = talloc_parent_chunk(ptr);
1679 345719866 : if (p) new_parent = TC_PTR_FROM_CHUNK(p);
1680 : }
1681 366280813 : _talloc_steal_internal(new_parent, child);
1682 : }
1683 : }
1684 36957422216 : }
1685 :
1686 : /*
1687 : this is a replacement for the Samba3 talloc_destroy_pool functionality. It
1688 : should probably not be used in new code. It's in here to keep the talloc
1689 : code consistent across Samba 3 and 4.
1690 : */
1691 593014887 : _PUBLIC_ void talloc_free_children(void *ptr)
1692 : {
1693 593014887 : struct talloc_chunk *tc_name = NULL;
1694 : struct talloc_chunk *tc;
1695 :
1696 593014887 : if (unlikely(ptr == NULL)) {
1697 0 : return;
1698 : }
1699 :
1700 593014887 : tc = talloc_chunk_from_ptr(ptr);
1701 :
1702 : /* we do not want to free the context name if it is a child .. */
1703 593014887 : if (likely(tc->child)) {
1704 631865618 : for (tc_name = tc->child; tc_name; tc_name = tc_name->next) {
1705 399249931 : if (tc->name == TC_PTR_FROM_CHUNK(tc_name)) break;
1706 : }
1707 233863581 : if (tc_name) {
1708 281 : _TLIST_REMOVE(tc->child, tc_name);
1709 281 : if (tc->child) {
1710 281 : tc->child->parent = tc;
1711 : }
1712 : }
1713 : }
1714 :
1715 593014887 : _tc_free_children_internal(tc, ptr, __location__);
1716 :
1717 : /* .. so we put it back after all other children have been freed */
1718 593014887 : if (tc_name) {
1719 281 : if (tc->child) {
1720 0 : tc->child->parent = NULL;
1721 : }
1722 281 : tc_name->parent = tc;
1723 281 : _TLIST_ADD(tc->child, tc_name);
1724 : }
1725 : }
1726 :
1727 : /*
1728 : Allocate a bit of memory as a child of an existing pointer
1729 : */
1730 0 : _PUBLIC_ void *_talloc(const void *context, size_t size)
1731 : {
1732 : struct talloc_chunk *tc;
1733 0 : return __talloc(context, size, &tc);
1734 : }
1735 :
1736 : /*
1737 : externally callable talloc_set_name_const()
1738 : */
1739 4772340744 : _PUBLIC_ void talloc_set_name_const(const void *ptr, const char *name)
1740 : {
1741 4833099427 : _tc_set_name_const(talloc_chunk_from_ptr(ptr), name);
1742 4772340744 : }
1743 :
1744 : /*
1745 : create a named talloc pointer. Any talloc pointer can be named, and
1746 : talloc_named() operates just like talloc() except that it allows you
1747 : to name the pointer.
1748 : */
1749 4065920235 : _PUBLIC_ void *talloc_named_const(const void *context, size_t size, const char *name)
1750 : {
1751 4065920235 : return _talloc_named_const(context, size, name);
1752 : }
1753 :
1754 : /*
1755 : free a talloc pointer. This also frees all child pointers of this
1756 : pointer recursively
1757 :
1758 : return 0 if the memory is actually freed, otherwise -1. The memory
1759 : will not be freed if the ref_count is > 1 or the destructor (if
1760 : any) returns non-zero
1761 : */
1762 8973863331 : _PUBLIC_ int _talloc_free(void *ptr, const char *location)
1763 : {
1764 : struct talloc_chunk *tc;
1765 :
1766 8973863331 : if (unlikely(ptr == NULL)) {
1767 602425435 : return -1;
1768 : }
1769 :
1770 8354439728 : tc = talloc_chunk_from_ptr(ptr);
1771 :
1772 8354439728 : if (unlikely(tc->refs != NULL)) {
1773 : struct talloc_reference_handle *h;
1774 :
1775 309844 : if (talloc_parent(ptr) == null_context && tc->refs->next == NULL) {
1776 : /* in this case we do know which parent should
1777 : get this pointer, as there is really only
1778 : one parent */
1779 309842 : return talloc_unlink(null_context, ptr);
1780 : }
1781 :
1782 2 : talloc_log("ERROR: talloc_free with references at %s\n",
1783 : location);
1784 :
1785 6 : for (h=tc->refs; h; h=h->next) {
1786 4 : talloc_log("\treference at %s\n",
1787 : h->location);
1788 : }
1789 2 : return -1;
1790 : }
1791 :
1792 8354129884 : return _talloc_free_internal(ptr, location);
1793 : }
1794 :
1795 :
1796 :
1797 : /*
1798 : A talloc version of realloc. The context argument is only used if
1799 : ptr is NULL
1800 : */
1801 4342029334 : _PUBLIC_ void *_talloc_realloc(const void *context, void *ptr, size_t size, const char *name)
1802 : {
1803 : struct talloc_chunk *tc;
1804 : void *new_ptr;
1805 4342029334 : bool malloced = false;
1806 4342029334 : struct talloc_pool_hdr *pool_hdr = NULL;
1807 4342029334 : size_t old_size = 0;
1808 4342029334 : size_t new_size = 0;
1809 :
1810 : /* size zero is equivalent to free() */
1811 4342029334 : if (unlikely(size == 0)) {
1812 130427 : talloc_unlink(context, ptr);
1813 130427 : return NULL;
1814 : }
1815 :
1816 4341898907 : if (unlikely(size >= MAX_TALLOC_SIZE)) {
1817 1 : return NULL;
1818 : }
1819 :
1820 : /* realloc(NULL) is equivalent to malloc() */
1821 4341898905 : if (ptr == NULL) {
1822 918099744 : return _talloc_named_const(context, size, name);
1823 : }
1824 :
1825 3423799161 : tc = talloc_chunk_from_ptr(ptr);
1826 :
1827 : /* don't allow realloc on referenced pointers */
1828 3423799161 : if (unlikely(tc->refs)) {
1829 1 : return NULL;
1830 : }
1831 :
1832 : /* don't let anybody try to realloc a talloc_pool */
1833 3423799159 : if (unlikely(tc->flags & TALLOC_FLAG_POOL)) {
1834 0 : return NULL;
1835 : }
1836 :
1837 : /* handle realloc inside a talloc_pool */
1838 3423799159 : if (unlikely(tc->flags & TALLOC_FLAG_POOLMEM)) {
1839 31725406 : pool_hdr = tc->pool;
1840 : }
1841 :
1842 : /* don't shrink if we have less than 1k to gain */
1843 3423799159 : if (size < tc->size && tc->limit == NULL) {
1844 939997047 : if (pool_hdr) {
1845 1824535 : void *next_tc = tc_next_chunk(tc);
1846 1824535 : TC_INVALIDATE_SHRINK_CHUNK(tc, size);
1847 1824535 : tc->size = size;
1848 1824535 : if (next_tc == pool_hdr->end) {
1849 : /* note: tc->size has changed, so this works */
1850 1824171 : pool_hdr->end = tc_next_chunk(tc);
1851 : }
1852 1810847 : return ptr;
1853 903495035 : } else if ((tc->size - size) < 1024) {
1854 : /*
1855 : * if we call TC_INVALIDATE_SHRINK_CHUNK() here
1856 : * we would need to call TC_UNDEFINE_GROW_CHUNK()
1857 : * after each realloc call, which slows down
1858 : * testing a lot :-(.
1859 : *
1860 : * That is why we only mark memory as undefined here.
1861 : */
1862 851616404 : TC_UNDEFINE_SHRINK_CHUNK(tc, size);
1863 :
1864 : /* do not shrink if we have less than 1k to gain */
1865 851616404 : tc->size = size;
1866 851616404 : return ptr;
1867 : }
1868 2518479589 : } else if (tc->size == size) {
1869 : /*
1870 : * do not change the pointer if it is exactly
1871 : * the same size.
1872 : */
1873 631262335 : return ptr;
1874 : }
1875 :
1876 : /*
1877 : * by resetting magic we catch users of the old memory
1878 : *
1879 : * We mark this memory as free, and also over-stamp the talloc
1880 : * magic with the old-style magic.
1881 : *
1882 : * Why? This tries to avoid a memory read use-after-free from
1883 : * disclosing our talloc magic, which would then allow an
1884 : * attacker to prepare a valid header and so run a destructor.
1885 : *
1886 : * What else? We have to re-stamp back a valid normal magic
1887 : * on this memory once realloc() is done, as it will have done
1888 : * a memcpy() into the new valid memory. We can't do this in
1889 : * reverse as that would be a real use-after-free.
1890 : */
1891 1972458788 : _talloc_chunk_set_free(tc, NULL);
1892 :
1893 1925226919 : if (pool_hdr) {
1894 : struct talloc_chunk *pool_tc;
1895 29805717 : void *next_tc = tc_next_chunk(tc);
1896 29805717 : size_t old_chunk_size = TC_ALIGN16(TC_HDR_SIZE + tc->size);
1897 29805717 : size_t new_chunk_size = TC_ALIGN16(TC_HDR_SIZE + size);
1898 : size_t space_needed;
1899 : size_t space_left;
1900 29805717 : unsigned int chunk_count = pool_hdr->object_count;
1901 :
1902 29805717 : pool_tc = talloc_chunk_from_pool(pool_hdr);
1903 29805717 : if (!(pool_tc->flags & TALLOC_FLAG_FREE)) {
1904 5791079 : chunk_count -= 1;
1905 : }
1906 :
1907 29805717 : if (chunk_count == 1) {
1908 : /*
1909 : * optimize for the case where 'tc' is the only
1910 : * chunk in the pool.
1911 : */
1912 24013542 : char *start = tc_pool_first_chunk(pool_hdr);
1913 24013542 : space_needed = new_chunk_size;
1914 24013542 : space_left = (char *)tc_pool_end(pool_hdr) - start;
1915 :
1916 24013542 : if (space_left >= space_needed) {
1917 12279031 : size_t old_used = TC_HDR_SIZE + tc->size;
1918 12279031 : size_t new_used = TC_HDR_SIZE + size;
1919 12279031 : new_ptr = start;
1920 :
1921 : #if defined(DEVELOPER) && defined(VALGRIND_MAKE_MEM_UNDEFINED)
1922 : {
1923 : /*
1924 : * The area from
1925 : * start -> tc may have
1926 : * been freed and thus been marked as
1927 : * VALGRIND_MEM_NOACCESS. Set it to
1928 : * VALGRIND_MEM_UNDEFINED so we can
1929 : * copy into it without valgrind errors.
1930 : * We can't just mark
1931 : * new_ptr -> new_ptr + old_used
1932 : * as this may overlap on top of tc,
1933 : * (which is why we use memmove, not
1934 : * memcpy below) hence the MIN.
1935 : */
1936 : size_t undef_len = MIN((((char *)tc) - ((char *)new_ptr)),old_used);
1937 : VALGRIND_MAKE_MEM_UNDEFINED(new_ptr, undef_len);
1938 : }
1939 : #endif
1940 :
1941 12279031 : memmove(new_ptr, tc, old_used);
1942 :
1943 12279031 : tc = (struct talloc_chunk *)new_ptr;
1944 : TC_UNDEFINE_GROW_CHUNK(tc, size);
1945 :
1946 : /*
1947 : * first we do not align the pool pointer
1948 : * because we want to invalidate the padding
1949 : * too.
1950 : */
1951 12279031 : pool_hdr->end = new_used + (char *)new_ptr;
1952 12279031 : tc_invalidate_pool(pool_hdr);
1953 :
1954 : /* now the aligned pointer */
1955 12279031 : pool_hdr->end = new_chunk_size + (char *)new_ptr;
1956 12279031 : goto got_new_ptr;
1957 : }
1958 :
1959 11734504 : next_tc = NULL;
1960 : }
1961 :
1962 17526686 : if (new_chunk_size == old_chunk_size) {
1963 : TC_UNDEFINE_GROW_CHUNK(tc, size);
1964 629703 : _talloc_chunk_set_not_free(tc);
1965 629703 : tc->size = size;
1966 629703 : return ptr;
1967 : }
1968 :
1969 16896983 : if (next_tc == pool_hdr->end) {
1970 : /*
1971 : * optimize for the case where 'tc' is the last
1972 : * chunk in the pool.
1973 : */
1974 4936749 : space_needed = new_chunk_size - old_chunk_size;
1975 4936749 : space_left = tc_pool_space_left(pool_hdr);
1976 :
1977 4936749 : if (space_left >= space_needed) {
1978 : TC_UNDEFINE_GROW_CHUNK(tc, size);
1979 2895966 : _talloc_chunk_set_not_free(tc);
1980 2895966 : tc->size = size;
1981 2895966 : pool_hdr->end = tc_next_chunk(tc);
1982 2895966 : return ptr;
1983 : }
1984 : }
1985 :
1986 14001017 : new_ptr = tc_alloc_pool(tc, size + TC_HDR_SIZE, 0);
1987 :
1988 14001017 : if (new_ptr == NULL) {
1989 : /*
1990 : * Couldn't allocate from pool (pool size
1991 : * counts as already allocated for memlimit
1992 : * purposes). We must check memory limit
1993 : * before any real malloc.
1994 : */
1995 13820705 : if (tc->limit) {
1996 : /*
1997 : * Note we're doing an extra malloc,
1998 : * on top of the pool size, so account
1999 : * for size only, not the difference
2000 : * between old and new size.
2001 : */
2002 8 : if (!talloc_memlimit_check(tc->limit, size)) {
2003 6 : _talloc_chunk_set_not_free(tc);
2004 6 : errno = ENOMEM;
2005 6 : return NULL;
2006 : }
2007 : }
2008 13820699 : new_ptr = malloc(TC_HDR_SIZE+size);
2009 13820699 : malloced = true;
2010 13820699 : new_size = size;
2011 : }
2012 :
2013 14001011 : if (new_ptr) {
2014 14018009 : memcpy(new_ptr, tc, MIN(tc->size,size) + TC_HDR_SIZE);
2015 :
2016 14001011 : _tc_free_poolmem(tc, __location__ "_talloc_realloc");
2017 : }
2018 : }
2019 : else {
2020 : /* We're doing realloc here, so record the difference. */
2021 1895421202 : old_size = tc->size;
2022 1895421202 : new_size = size;
2023 : /*
2024 : * We must check memory limit
2025 : * before any real realloc.
2026 : */
2027 1895421202 : if (tc->limit && (size > old_size)) {
2028 3 : if (!talloc_memlimit_check(tc->limit,
2029 : (size - old_size))) {
2030 2 : _talloc_chunk_set_not_free(tc);
2031 2 : errno = ENOMEM;
2032 2 : return NULL;
2033 : }
2034 : }
2035 1895421200 : new_ptr = realloc(tc, size + TC_HDR_SIZE);
2036 : }
2037 1921701242 : got_new_ptr:
2038 :
2039 1921701242 : if (unlikely(!new_ptr)) {
2040 : /*
2041 : * Ok, this is a strange spot. We have to put back
2042 : * the old talloc_magic and any flags, except the
2043 : * TALLOC_FLAG_FREE as this was not free'ed by the
2044 : * realloc() call after all
2045 : */
2046 0 : _talloc_chunk_set_not_free(tc);
2047 0 : return NULL;
2048 : }
2049 :
2050 : /*
2051 : * tc is now the new value from realloc(), the old memory we
2052 : * can't access any more and was preemptively marked as
2053 : * TALLOC_FLAG_FREE before the call. Now we mark it as not
2054 : * free again
2055 : */
2056 1921701242 : tc = (struct talloc_chunk *)new_ptr;
2057 1921701242 : _talloc_chunk_set_not_free(tc);
2058 1921701242 : if (malloced) {
2059 13820699 : tc->flags &= ~TALLOC_FLAG_POOLMEM;
2060 : }
2061 1921701242 : if (tc->parent) {
2062 1503531160 : tc->parent->child = tc;
2063 : }
2064 1921701242 : if (tc->child) {
2065 1018693453 : tc->child->parent = tc;
2066 : }
2067 :
2068 1921701242 : if (tc->prev) {
2069 412731480 : tc->prev->next = tc;
2070 : }
2071 1921701242 : if (tc->next) {
2072 1170346592 : tc->next->prev = tc;
2073 : }
2074 :
2075 1921701242 : if (new_size > old_size) {
2076 1857363266 : talloc_memlimit_grow(tc->limit, new_size - old_size);
2077 64337976 : } else if (new_size < old_size) {
2078 51878633 : talloc_memlimit_shrink(tc->limit, old_size - new_size);
2079 : }
2080 :
2081 1921701242 : tc->size = size;
2082 1968910826 : _tc_set_name_const(tc, name);
2083 :
2084 1921701242 : return TC_PTR_FROM_CHUNK(tc);
2085 : }
2086 :
2087 : /*
2088 : a wrapper around talloc_steal() for situations where you are moving a pointer
2089 : between two structures, and want the old pointer to be set to NULL
2090 : */
2091 409257225 : _PUBLIC_ void *_talloc_move(const void *new_ctx, const void *_pptr)
2092 : {
2093 409257225 : const void **pptr = discard_const_p(const void *,_pptr);
2094 409257225 : void *ret = talloc_steal(new_ctx, discard_const_p(void, *pptr));
2095 409257225 : (*pptr) = NULL;
2096 409257225 : return ret;
2097 : }
2098 :
2099 : enum talloc_mem_count_type {
2100 : TOTAL_MEM_SIZE,
2101 : TOTAL_MEM_BLOCKS,
2102 : TOTAL_MEM_LIMIT,
2103 : };
2104 :
2105 795377133 : static inline size_t _talloc_total_mem_internal(const void *ptr,
2106 : enum talloc_mem_count_type type,
2107 : struct talloc_memlimit *old_limit,
2108 : struct talloc_memlimit *new_limit)
2109 : {
2110 795377133 : size_t total = 0;
2111 : struct talloc_chunk *c, *tc;
2112 :
2113 795377133 : if (ptr == NULL) {
2114 34 : ptr = null_context;
2115 : }
2116 795377133 : if (ptr == NULL) {
2117 1 : return 0;
2118 : }
2119 :
2120 795377130 : tc = talloc_chunk_from_ptr(ptr);
2121 :
2122 795377130 : if (old_limit || new_limit) {
2123 14 : if (tc->limit && tc->limit->upper == old_limit) {
2124 0 : tc->limit->upper = new_limit;
2125 : }
2126 : }
2127 :
2128 : /* optimize in the memlimits case */
2129 795377148 : if (type == TOTAL_MEM_LIMIT &&
2130 28 : tc->limit != NULL &&
2131 9 : tc->limit != old_limit &&
2132 4 : tc->limit->parent == tc) {
2133 0 : return tc->limit->cur_size;
2134 : }
2135 :
2136 795377130 : if (tc->flags & TALLOC_FLAG_LOOP) {
2137 199110969 : return 0;
2138 : }
2139 :
2140 595669894 : tc->flags |= TALLOC_FLAG_LOOP;
2141 :
2142 595669894 : if (old_limit || new_limit) {
2143 14 : if (old_limit == tc->limit) {
2144 14 : tc->limit = new_limit;
2145 : }
2146 : }
2147 :
2148 595669894 : switch (type) {
2149 2652806 : case TOTAL_MEM_SIZE:
2150 2652806 : if (likely(tc->name != TALLOC_MAGIC_REFERENCE)) {
2151 2652766 : total = tc->size;
2152 : }
2153 2637954 : break;
2154 593017070 : case TOTAL_MEM_BLOCKS:
2155 593017070 : total++;
2156 593017070 : break;
2157 18 : case TOTAL_MEM_LIMIT:
2158 18 : if (likely(tc->name != TALLOC_MAGIC_REFERENCE)) {
2159 : /*
2160 : * Don't count memory allocated from a pool
2161 : * when calculating limits. Only count the
2162 : * pool itself.
2163 : */
2164 18 : if (!(tc->flags & TALLOC_FLAG_POOLMEM)) {
2165 16 : if (tc->flags & TALLOC_FLAG_POOL) {
2166 : /*
2167 : * If this is a pool, the allocated
2168 : * size is in the pool header, and
2169 : * remember to add in the prefix
2170 : * length.
2171 : */
2172 2 : struct talloc_pool_hdr *pool_hdr
2173 0 : = talloc_pool_from_chunk(tc);
2174 2 : total = pool_hdr->poolsize +
2175 : TC_HDR_SIZE +
2176 : TP_HDR_SIZE;
2177 : } else {
2178 14 : total = tc->size + TC_HDR_SIZE;
2179 : }
2180 : }
2181 : }
2182 9 : break;
2183 : }
2184 597665138 : for (c = tc->child; c; c = c->next) {
2185 1995244 : total += _talloc_total_mem_internal(TC_PTR_FROM_CHUNK(c), type,
2186 : old_limit, new_limit);
2187 : }
2188 :
2189 595669894 : tc->flags &= ~TALLOC_FLAG_LOOP;
2190 :
2191 595669894 : return total;
2192 : }
2193 :
2194 : /*
2195 : return the total size of a talloc pool (subtree)
2196 : */
2197 658960 : _PUBLIC_ size_t talloc_total_size(const void *ptr)
2198 : {
2199 658960 : return _talloc_total_mem_internal(ptr, TOTAL_MEM_SIZE, NULL, NULL);
2200 : }
2201 :
2202 : /*
2203 : return the total number of blocks in a talloc pool (subtree)
2204 : */
2205 792722911 : _PUBLIC_ size_t talloc_total_blocks(const void *ptr)
2206 : {
2207 792722911 : return _talloc_total_mem_internal(ptr, TOTAL_MEM_BLOCKS, NULL, NULL);
2208 : }
2209 :
2210 : /*
2211 : return the number of external references to a pointer
2212 : */
2213 29273 : _PUBLIC_ size_t talloc_reference_count(const void *ptr)
2214 : {
2215 29273 : struct talloc_chunk *tc = talloc_chunk_from_ptr(ptr);
2216 : struct talloc_reference_handle *h;
2217 29273 : size_t ret = 0;
2218 :
2219 29330 : for (h=tc->refs;h;h=h->next) {
2220 57 : ret++;
2221 : }
2222 29273 : return ret;
2223 : }
2224 :
2225 : /*
2226 : report on memory usage by all children of a pointer, giving a full tree view
2227 : */
2228 3193 : _PUBLIC_ void talloc_report_depth_cb(const void *ptr, int depth, int max_depth,
2229 : void (*callback)(const void *ptr,
2230 : int depth, int max_depth,
2231 : int is_ref,
2232 : void *private_data),
2233 : void *private_data)
2234 : {
2235 : struct talloc_chunk *c, *tc;
2236 :
2237 3193 : if (ptr == NULL) {
2238 2319 : ptr = null_context;
2239 : }
2240 3193 : if (ptr == NULL) return;
2241 :
2242 882 : tc = talloc_chunk_from_ptr(ptr);
2243 :
2244 882 : if (tc->flags & TALLOC_FLAG_LOOP) {
2245 0 : return;
2246 : }
2247 :
2248 882 : callback(ptr, depth, max_depth, 0, private_data);
2249 :
2250 882 : if (max_depth >= 0 && depth >= max_depth) {
2251 126 : return;
2252 : }
2253 :
2254 654 : tc->flags |= TALLOC_FLAG_LOOP;
2255 1367 : for (c=tc->child;c;c=c->next) {
2256 713 : if (c->name == TALLOC_MAGIC_REFERENCE) {
2257 16 : struct talloc_reference_handle *h = (struct talloc_reference_handle *)TC_PTR_FROM_CHUNK(c);
2258 16 : callback(h->ptr, depth + 1, max_depth, 1, private_data);
2259 : } else {
2260 697 : talloc_report_depth_cb(TC_PTR_FROM_CHUNK(c), depth + 1, max_depth, callback, private_data);
2261 : }
2262 : }
2263 654 : tc->flags &= ~TALLOC_FLAG_LOOP;
2264 : }
2265 :
2266 898 : static void talloc_report_depth_FILE_helper(const void *ptr, int depth, int max_depth, int is_ref, void *_f)
2267 : {
2268 898 : const char *name = __talloc_get_name(ptr);
2269 : struct talloc_chunk *tc;
2270 898 : FILE *f = (FILE *)_f;
2271 :
2272 898 : if (is_ref) {
2273 16 : fprintf(f, "%*sreference to: %s\n", depth*4, "", name);
2274 8 : return;
2275 : }
2276 :
2277 882 : tc = talloc_chunk_from_ptr(ptr);
2278 882 : if (tc->limit && tc->limit->parent == tc) {
2279 142 : fprintf(f, "%*s%-30s is a memlimit context"
2280 : " (max_size = %lu bytes, cur_size = %lu bytes)\n",
2281 : depth*4, "",
2282 : name,
2283 142 : (unsigned long)tc->limit->max_size,
2284 142 : (unsigned long)tc->limit->cur_size);
2285 : }
2286 :
2287 882 : if (depth == 0) {
2288 185 : fprintf(f,"%stalloc report on '%s' (total %6lu bytes in %3lu blocks)\n",
2289 : (max_depth < 0 ? "full " :""), name,
2290 185 : (unsigned long)talloc_total_size(ptr),
2291 185 : (unsigned long)talloc_total_blocks(ptr));
2292 99 : return;
2293 : }
2294 :
2295 1382 : fprintf(f, "%*s%-30s contains %6lu bytes in %3lu blocks (ref %d) %p\n",
2296 : depth*4, "",
2297 : name,
2298 697 : (unsigned long)talloc_total_size(ptr),
2299 697 : (unsigned long)talloc_total_blocks(ptr),
2300 697 : (int)talloc_reference_count(ptr), ptr);
2301 :
2302 : #if 0
2303 : fprintf(f, "content: ");
2304 : if (talloc_total_size(ptr)) {
2305 : int tot = talloc_total_size(ptr);
2306 : int i;
2307 :
2308 : for (i = 0; i < tot; i++) {
2309 : if ((((char *)ptr)[i] > 31) && (((char *)ptr)[i] < 126)) {
2310 : fprintf(f, "%c", ((char *)ptr)[i]);
2311 : } else {
2312 : fprintf(f, "~%02x", ((char *)ptr)[i]);
2313 : }
2314 : }
2315 : }
2316 : fprintf(f, "\n");
2317 : #endif
2318 : }
2319 :
2320 : /*
2321 : report on memory usage by all children of a pointer, giving a full tree view
2322 : */
2323 2496 : _PUBLIC_ void talloc_report_depth_file(const void *ptr, int depth, int max_depth, FILE *f)
2324 : {
2325 2496 : if (f) {
2326 2496 : talloc_report_depth_cb(ptr, depth, max_depth, talloc_report_depth_FILE_helper, f);
2327 2496 : fflush(f);
2328 : }
2329 2496 : }
2330 :
2331 : /*
2332 : report on memory usage by all children of a pointer, giving a full tree view
2333 : */
2334 165 : _PUBLIC_ void talloc_report_full(const void *ptr, FILE *f)
2335 : {
2336 165 : talloc_report_depth_file(ptr, 0, -1, f);
2337 165 : }
2338 :
2339 : /*
2340 : report on memory usage by all children of a pointer
2341 : */
2342 2331 : _PUBLIC_ void talloc_report(const void *ptr, FILE *f)
2343 : {
2344 2331 : talloc_report_depth_file(ptr, 0, 1, f);
2345 2331 : }
2346 :
2347 : /*
2348 : enable tracking of the NULL context
2349 : */
2350 40438 : _PUBLIC_ void talloc_enable_null_tracking(void)
2351 : {
2352 40438 : if (null_context == NULL) {
2353 40422 : null_context = _talloc_named_const(NULL, 0, "null_context");
2354 40422 : if (autofree_context != NULL) {
2355 0 : talloc_reparent(NULL, null_context, autofree_context);
2356 : }
2357 : }
2358 40438 : }
2359 :
2360 : /*
2361 : enable tracking of the NULL context, not moving the autofree context
2362 : into the NULL context. This is needed for the talloc testsuite
2363 : */
2364 74 : _PUBLIC_ void talloc_enable_null_tracking_no_autofree(void)
2365 : {
2366 74 : if (null_context == NULL) {
2367 72 : null_context = _talloc_named_const(NULL, 0, "null_context");
2368 : }
2369 74 : }
2370 :
2371 : /*
2372 : disable tracking of the NULL context
2373 : */
2374 78 : _PUBLIC_ void talloc_disable_null_tracking(void)
2375 : {
2376 78 : if (null_context != NULL) {
2377 : /* we have to move any children onto the real NULL
2378 : context */
2379 : struct talloc_chunk *tc, *tc2;
2380 72 : tc = talloc_chunk_from_ptr(null_context);
2381 72 : for (tc2 = tc->child; tc2; tc2=tc2->next) {
2382 0 : if (tc2->parent == tc) tc2->parent = NULL;
2383 0 : if (tc2->prev == tc) tc2->prev = NULL;
2384 : }
2385 72 : for (tc2 = tc->next; tc2; tc2=tc2->next) {
2386 0 : if (tc2->parent == tc) tc2->parent = NULL;
2387 0 : if (tc2->prev == tc) tc2->prev = NULL;
2388 : }
2389 72 : tc->child = NULL;
2390 72 : tc->next = NULL;
2391 : }
2392 78 : talloc_free(null_context);
2393 78 : null_context = NULL;
2394 78 : }
2395 :
2396 : /*
2397 : enable leak reporting on exit
2398 : */
2399 14 : _PUBLIC_ void talloc_enable_leak_report(void)
2400 : {
2401 14 : talloc_enable_null_tracking();
2402 14 : talloc_report_null = true;
2403 13 : talloc_setup_atexit();
2404 14 : }
2405 :
2406 : /*
2407 : enable full leak reporting on exit
2408 : */
2409 2 : _PUBLIC_ void talloc_enable_leak_report_full(void)
2410 : {
2411 2 : talloc_enable_null_tracking();
2412 2 : talloc_report_null_full = true;
2413 1 : talloc_setup_atexit();
2414 2 : }
2415 :
2416 : /*
2417 : talloc and zero memory.
2418 : */
2419 8468844342 : _PUBLIC_ void *_talloc_zero(const void *ctx, size_t size, const char *name)
2420 : {
2421 8468844342 : void *p = _talloc_named_const(ctx, size, name);
2422 :
2423 8468844342 : if (p) {
2424 8312732055 : memset(p, '\0', size);
2425 : }
2426 :
2427 8468844342 : return p;
2428 : }
2429 :
2430 : /*
2431 : memdup with a talloc.
2432 : */
2433 5284055763 : _PUBLIC_ void *_talloc_memdup(const void *t, const void *p, size_t size, const char *name)
2434 : {
2435 5284055763 : void *newp = NULL;
2436 :
2437 5284055763 : if (likely(size > 0) && unlikely(p == NULL)) {
2438 0 : return NULL;
2439 : }
2440 :
2441 5284055763 : newp = _talloc_named_const(t, size, name);
2442 5284055763 : if (likely(newp != NULL) && likely(size > 0)) {
2443 4644843215 : memcpy(newp, p, size);
2444 : }
2445 :
2446 4999010146 : return newp;
2447 : }
2448 :
2449 7922430210 : static inline char *__talloc_strlendup(const void *t, const char *p, size_t len)
2450 : {
2451 : char *ret;
2452 : struct talloc_chunk *tc;
2453 :
2454 8159374293 : ret = (char *)__talloc(t, len + 1, &tc);
2455 7922430210 : if (unlikely(!ret)) return NULL;
2456 :
2457 7922430208 : memcpy(ret, p, len);
2458 7922430208 : ret[len] = 0;
2459 :
2460 8159374290 : _tc_set_name_const(tc, ret);
2461 7922430208 : return ret;
2462 : }
2463 :
2464 : /*
2465 : strdup with a talloc
2466 : */
2467 6670076145 : _PUBLIC_ char *talloc_strdup(const void *t, const char *p)
2468 : {
2469 6670076145 : if (unlikely(!p)) return NULL;
2470 6669127659 : return __talloc_strlendup(t, p, strlen(p));
2471 : }
2472 :
2473 : /*
2474 : strndup with a talloc
2475 : */
2476 1253302619 : _PUBLIC_ char *talloc_strndup(const void *t, const char *p, size_t n)
2477 : {
2478 1253302619 : if (unlikely(!p)) return NULL;
2479 1253302551 : return __talloc_strlendup(t, p, strnlen(p, n));
2480 : }
2481 :
2482 230307812 : static inline char *__talloc_strlendup_append(char *s, size_t slen,
2483 : const char *a, size_t alen)
2484 : {
2485 : char *ret;
2486 :
2487 230307812 : ret = talloc_realloc(NULL, s, char, slen + alen + 1);
2488 230307812 : if (unlikely(!ret)) return NULL;
2489 :
2490 : /* append the string and the trailing \0 */
2491 237355271 : memcpy(&ret[slen], a, alen);
2492 230307812 : ret[slen+alen] = 0;
2493 :
2494 237355271 : _tc_set_name_const(talloc_chunk_from_ptr(ret), ret);
2495 230307812 : return ret;
2496 : }
2497 :
2498 : /*
2499 : * Appends at the end of the string.
2500 : */
2501 668415 : _PUBLIC_ char *talloc_strdup_append(char *s, const char *a)
2502 : {
2503 668415 : if (unlikely(!s)) {
2504 0 : return talloc_strdup(NULL, a);
2505 : }
2506 :
2507 668415 : if (unlikely(!a)) {
2508 0 : return s;
2509 : }
2510 :
2511 668415 : return __talloc_strlendup_append(s, strlen(s), a, strlen(a));
2512 : }
2513 :
2514 : /*
2515 : * Appends at the end of the talloc'ed buffer,
2516 : * not the end of the string.
2517 : */
2518 229639365 : _PUBLIC_ char *talloc_strdup_append_buffer(char *s, const char *a)
2519 : {
2520 : size_t slen;
2521 :
2522 229639365 : if (unlikely(!s)) {
2523 0 : return talloc_strdup(NULL, a);
2524 : }
2525 :
2526 229639365 : if (unlikely(!a)) {
2527 0 : return s;
2528 : }
2529 :
2530 229639365 : slen = talloc_get_size(s);
2531 229639365 : if (likely(slen > 0)) {
2532 229639365 : slen--;
2533 : }
2534 :
2535 229639365 : return __talloc_strlendup_append(s, slen, a, strlen(a));
2536 : }
2537 :
2538 : /*
2539 : * Appends at the end of the string.
2540 : */
2541 32 : _PUBLIC_ char *talloc_strndup_append(char *s, const char *a, size_t n)
2542 : {
2543 32 : if (unlikely(!s)) {
2544 0 : return talloc_strndup(NULL, a, n);
2545 : }
2546 :
2547 32 : if (unlikely(!a)) {
2548 0 : return s;
2549 : }
2550 :
2551 32 : return __talloc_strlendup_append(s, strlen(s), a, strnlen(a, n));
2552 : }
2553 :
2554 : /*
2555 : * Appends at the end of the talloc'ed buffer,
2556 : * not the end of the string.
2557 : */
2558 0 : _PUBLIC_ char *talloc_strndup_append_buffer(char *s, const char *a, size_t n)
2559 : {
2560 : size_t slen;
2561 :
2562 0 : if (unlikely(!s)) {
2563 0 : return talloc_strndup(NULL, a, n);
2564 : }
2565 :
2566 0 : if (unlikely(!a)) {
2567 0 : return s;
2568 : }
2569 :
2570 0 : slen = talloc_get_size(s);
2571 0 : if (likely(slen > 0)) {
2572 0 : slen--;
2573 : }
2574 :
2575 0 : return __talloc_strlendup_append(s, slen, a, strnlen(a, n));
2576 : }
2577 :
2578 : #ifndef HAVE_VA_COPY
2579 : #ifdef HAVE___VA_COPY
2580 : #define va_copy(dest, src) __va_copy(dest, src)
2581 : #else
2582 : #define va_copy(dest, src) (dest) = (src)
2583 : #endif
2584 : #endif
2585 :
2586 : static struct talloc_chunk *_vasprintf_tc(const void *t,
2587 : const char *fmt,
2588 : va_list ap) PRINTF_ATTRIBUTE(2,0);
2589 :
2590 492515925 : static struct talloc_chunk *_vasprintf_tc(const void *t,
2591 : const char *fmt,
2592 : va_list ap)
2593 : {
2594 : int vlen;
2595 : size_t len;
2596 : char *ret;
2597 : va_list ap2;
2598 : struct talloc_chunk *tc;
2599 : char buf[1024];
2600 :
2601 : /* this call looks strange, but it makes it work on older solaris boxes */
2602 492515925 : va_copy(ap2, ap);
2603 492515925 : vlen = vsnprintf(buf, sizeof(buf), fmt, ap2);
2604 492515925 : va_end(ap2);
2605 492515925 : if (unlikely(vlen < 0)) {
2606 0 : return NULL;
2607 : }
2608 492515925 : len = vlen;
2609 492515925 : if (unlikely(len + 1 < len)) {
2610 0 : return NULL;
2611 : }
2612 :
2613 508336528 : ret = (char *)__talloc(t, len+1, &tc);
2614 492515925 : if (unlikely(!ret)) return NULL;
2615 :
2616 492515925 : if (len < sizeof(buf)) {
2617 492515667 : memcpy(ret, buf, len+1);
2618 : } else {
2619 258 : va_copy(ap2, ap);
2620 270 : vsnprintf(ret, len+1, fmt, ap2);
2621 258 : va_end(ap2);
2622 : }
2623 :
2624 508336528 : _tc_set_name_const(tc, ret);
2625 492515925 : return tc;
2626 : }
2627 :
2628 468186078 : _PUBLIC_ char *talloc_vasprintf(const void *t, const char *fmt, va_list ap)
2629 : {
2630 468186078 : struct talloc_chunk *tc = _vasprintf_tc(t, fmt, ap);
2631 468186078 : if (tc == NULL) {
2632 0 : return NULL;
2633 : }
2634 468186078 : return TC_PTR_FROM_CHUNK(tc);
2635 : }
2636 :
2637 :
2638 : /*
2639 : Perform string formatting, and return a pointer to newly allocated
2640 : memory holding the result, inside a memory pool.
2641 : */
2642 294763911 : _PUBLIC_ char *talloc_asprintf(const void *t, const char *fmt, ...)
2643 : {
2644 : va_list ap;
2645 : char *ret;
2646 :
2647 294763911 : va_start(ap, fmt);
2648 294763911 : ret = talloc_vasprintf(t, fmt, ap);
2649 294763911 : va_end(ap);
2650 294763911 : return ret;
2651 : }
2652 :
2653 : static inline char *__talloc_vaslenprintf_append(char *s, size_t slen,
2654 : const char *fmt, va_list ap)
2655 : PRINTF_ATTRIBUTE(3,0);
2656 :
2657 207598694 : static inline char *__talloc_vaslenprintf_append(char *s, size_t slen,
2658 : const char *fmt, va_list ap)
2659 : {
2660 : ssize_t alen;
2661 : va_list ap2;
2662 : char c;
2663 :
2664 207598694 : va_copy(ap2, ap);
2665 207598694 : alen = vsnprintf(&c, 1, fmt, ap2);
2666 207598694 : va_end(ap2);
2667 :
2668 207598694 : if (alen <= 0) {
2669 : /* Either the vsnprintf failed or the format resulted in
2670 : * no characters being formatted. In the former case, we
2671 : * ought to return NULL, in the latter we ought to return
2672 : * the original string. Most current callers of this
2673 : * function expect it to never return NULL.
2674 : */
2675 0 : return s;
2676 : }
2677 :
2678 207598694 : s = talloc_realloc(NULL, s, char, slen + alen + 1);
2679 207598694 : if (!s) return NULL;
2680 :
2681 207598694 : va_copy(ap2, ap);
2682 213691276 : vsnprintf(s + slen, alen + 1, fmt, ap2);
2683 207598694 : va_end(ap2);
2684 :
2685 213691276 : _tc_set_name_const(talloc_chunk_from_ptr(s), s);
2686 207598694 : return s;
2687 : }
2688 :
2689 : /**
2690 : * Realloc @p s to append the formatted result of @p fmt and @p ap,
2691 : * and return @p s, which may have moved. Good for gradually
2692 : * accumulating output into a string buffer. Appends at the end
2693 : * of the string.
2694 : **/
2695 6634435 : _PUBLIC_ char *talloc_vasprintf_append(char *s, const char *fmt, va_list ap)
2696 : {
2697 6634435 : if (unlikely(!s)) {
2698 39986 : return talloc_vasprintf(NULL, fmt, ap);
2699 : }
2700 :
2701 6594449 : return __talloc_vaslenprintf_append(s, strlen(s), fmt, ap);
2702 : }
2703 :
2704 : /**
2705 : * Realloc @p s to append the formatted result of @p fmt and @p ap,
2706 : * and return @p s, which may have moved. Always appends at the
2707 : * end of the talloc'ed buffer, not the end of the string.
2708 : **/
2709 201004849 : _PUBLIC_ char *talloc_vasprintf_append_buffer(char *s, const char *fmt, va_list ap)
2710 : {
2711 : size_t slen;
2712 :
2713 201004849 : if (unlikely(!s)) {
2714 604 : return talloc_vasprintf(NULL, fmt, ap);
2715 : }
2716 :
2717 201004245 : slen = talloc_get_size(s);
2718 201004245 : if (likely(slen > 0)) {
2719 201004245 : slen--;
2720 : }
2721 :
2722 201004245 : return __talloc_vaslenprintf_append(s, slen, fmt, ap);
2723 : }
2724 :
2725 : /*
2726 : Realloc @p s to append the formatted result of @p fmt and return @p
2727 : s, which may have moved. Good for gradually accumulating output
2728 : into a string buffer.
2729 : */
2730 3010790 : _PUBLIC_ char *talloc_asprintf_append(char *s, const char *fmt, ...)
2731 : {
2732 : va_list ap;
2733 :
2734 3010790 : va_start(ap, fmt);
2735 3010790 : s = talloc_vasprintf_append(s, fmt, ap);
2736 3010790 : va_end(ap);
2737 3010790 : return s;
2738 : }
2739 :
2740 : /*
2741 : Realloc @p s to append the formatted result of @p fmt and return @p
2742 : s, which may have moved. Good for gradually accumulating output
2743 : into a buffer.
2744 : */
2745 162079373 : _PUBLIC_ char *talloc_asprintf_append_buffer(char *s, const char *fmt, ...)
2746 : {
2747 : va_list ap;
2748 :
2749 162079373 : va_start(ap, fmt);
2750 162079373 : s = talloc_vasprintf_append_buffer(s, fmt, ap);
2751 162079373 : va_end(ap);
2752 162079373 : return s;
2753 : }
2754 :
2755 : /*
2756 : alloc an array, checking for integer overflow in the array size
2757 : */
2758 8687628944 : _PUBLIC_ void *_talloc_array(const void *ctx, size_t el_size, unsigned count, const char *name)
2759 : {
2760 8687628944 : if (count >= MAX_TALLOC_SIZE/el_size) {
2761 3 : return NULL;
2762 : }
2763 8876482106 : return _talloc_named_const(ctx, el_size * count, name);
2764 : }
2765 :
2766 : /*
2767 : alloc an zero array, checking for integer overflow in the array size
2768 : */
2769 733344550 : _PUBLIC_ void *_talloc_zero_array(const void *ctx, size_t el_size, unsigned count, const char *name)
2770 : {
2771 733344550 : if (count >= MAX_TALLOC_SIZE/el_size) {
2772 0 : return NULL;
2773 : }
2774 733344550 : return _talloc_zero(ctx, el_size * count, name);
2775 : }
2776 :
2777 : /*
2778 : realloc an array, checking for integer overflow in the array size
2779 : */
2780 4341933530 : _PUBLIC_ void *_talloc_realloc_array(const void *ctx, void *ptr, size_t el_size, unsigned count, const char *name)
2781 : {
2782 4341933530 : if (count >= MAX_TALLOC_SIZE/el_size) {
2783 1 : return NULL;
2784 : }
2785 4341933528 : return _talloc_realloc(ctx, ptr, el_size * count, name);
2786 : }
2787 :
2788 : /*
2789 : a function version of talloc_realloc(), so it can be passed as a function pointer
2790 : to libraries that want a realloc function (a realloc function encapsulates
2791 : all the basic capabilities of an allocation library, which is why this is useful)
2792 : */
2793 6 : _PUBLIC_ void *talloc_realloc_fn(const void *context, void *ptr, size_t size)
2794 : {
2795 6 : return _talloc_realloc(context, ptr, size, NULL);
2796 : }
2797 :
2798 :
2799 2 : static int talloc_autofree_destructor(void *ptr)
2800 : {
2801 2 : autofree_context = NULL;
2802 2 : return 0;
2803 : }
2804 :
2805 : /*
2806 : return a context which will be auto-freed on exit
2807 : this is useful for reducing the noise in leak reports
2808 : */
2809 2 : _PUBLIC_ void *talloc_autofree_context(void)
2810 : {
2811 2 : if (autofree_context == NULL) {
2812 2 : autofree_context = _talloc_named_const(NULL, 0, "autofree_context");
2813 2 : talloc_set_destructor(autofree_context, talloc_autofree_destructor);
2814 2 : talloc_setup_atexit();
2815 : }
2816 2 : return autofree_context;
2817 : }
2818 :
2819 1212830111 : _PUBLIC_ size_t talloc_get_size(const void *context)
2820 : {
2821 : struct talloc_chunk *tc;
2822 :
2823 1212830111 : if (context == NULL) {
2824 12563383 : return 0;
2825 : }
2826 :
2827 1200137298 : tc = talloc_chunk_from_ptr(context);
2828 :
2829 1200137299 : return tc->size;
2830 : }
2831 :
2832 : /*
2833 : find a parent of this context that has the given name, if any
2834 : */
2835 0 : _PUBLIC_ void *talloc_find_parent_byname(const void *context, const char *name)
2836 : {
2837 : struct talloc_chunk *tc;
2838 :
2839 0 : if (context == NULL) {
2840 0 : return NULL;
2841 : }
2842 :
2843 0 : tc = talloc_chunk_from_ptr(context);
2844 0 : while (tc) {
2845 0 : if (tc->name && strcmp(tc->name, name) == 0) {
2846 0 : return TC_PTR_FROM_CHUNK(tc);
2847 : }
2848 0 : while (tc && tc->prev) tc = tc->prev;
2849 0 : if (tc) {
2850 0 : tc = tc->parent;
2851 : }
2852 : }
2853 0 : return NULL;
2854 : }
2855 :
2856 : /*
2857 : show the parentage of a context
2858 : */
2859 0 : _PUBLIC_ void talloc_show_parents(const void *context, FILE *file)
2860 : {
2861 : struct talloc_chunk *tc;
2862 :
2863 0 : if (context == NULL) {
2864 0 : fprintf(file, "talloc no parents for NULL\n");
2865 0 : return;
2866 : }
2867 :
2868 0 : tc = talloc_chunk_from_ptr(context);
2869 0 : fprintf(file, "talloc parents of '%s'\n", __talloc_get_name(context));
2870 0 : while (tc) {
2871 0 : fprintf(file, "\t'%s'\n", __talloc_get_name(TC_PTR_FROM_CHUNK(tc)));
2872 0 : while (tc && tc->prev) tc = tc->prev;
2873 0 : if (tc) {
2874 0 : tc = tc->parent;
2875 : }
2876 : }
2877 0 : fflush(file);
2878 : }
2879 :
2880 : /*
2881 : return 1 if ptr is a parent of context
2882 : */
2883 20588631 : static int _talloc_is_parent(const void *context, const void *ptr, int depth)
2884 : {
2885 : struct talloc_chunk *tc;
2886 :
2887 20588631 : if (context == NULL) {
2888 0 : return 0;
2889 : }
2890 :
2891 20588631 : tc = talloc_chunk_from_ptr(context);
2892 109085096 : while (tc) {
2893 70121259 : if (depth <= 0) {
2894 18 : return 0;
2895 : }
2896 70121235 : if (TC_PTR_FROM_CHUNK(tc) == ptr) return 1;
2897 131838370 : while (tc && tc->prev) tc = tc->prev;
2898 70093553 : if (tc) {
2899 70093553 : tc = tc->parent;
2900 70093553 : depth--;
2901 : }
2902 : }
2903 18181134 : return 0;
2904 : }
2905 :
2906 : /*
2907 : return 1 if ptr is a parent of context
2908 : */
2909 20588631 : _PUBLIC_ int talloc_is_parent(const void *context, const void *ptr)
2910 : {
2911 20588631 : return _talloc_is_parent(context, ptr, TALLOC_MAX_DEPTH);
2912 : }
2913 :
2914 : /*
2915 : return the total size of memory used by this context and all children
2916 : */
2917 9 : static inline size_t _talloc_total_limit_size(const void *ptr,
2918 : struct talloc_memlimit *old_limit,
2919 : struct talloc_memlimit *new_limit)
2920 : {
2921 18 : return _talloc_total_mem_internal(ptr, TOTAL_MEM_LIMIT,
2922 : old_limit, new_limit);
2923 : }
2924 :
2925 33770527794 : static inline bool talloc_memlimit_check(struct talloc_memlimit *limit, size_t size)
2926 : {
2927 : struct talloc_memlimit *l;
2928 :
2929 33770527821 : for (l = limit; l != NULL; l = l->upper) {
2930 92 : if (l->max_size != 0 &&
2931 82 : ((l->max_size <= l->cur_size) ||
2932 36 : (l->max_size - l->cur_size < size))) {
2933 10 : return false;
2934 : }
2935 : }
2936 :
2937 33770527784 : return true;
2938 : }
2939 :
2940 : /*
2941 : Update memory limits when freeing a talloc_chunk.
2942 : */
2943 34198669888 : static void tc_memlimit_update_on_free(struct talloc_chunk *tc)
2944 : {
2945 : size_t limit_shrink_size;
2946 :
2947 34198669888 : if (!tc->limit) {
2948 33237487281 : return;
2949 : }
2950 :
2951 : /*
2952 : * Pool entries don't count. Only the pools
2953 : * themselves are counted as part of the memory
2954 : * limits. Note that this also takes care of
2955 : * nested pools which have both flags
2956 : * TALLOC_FLAG_POOLMEM|TALLOC_FLAG_POOL set.
2957 : */
2958 20 : if (tc->flags & TALLOC_FLAG_POOLMEM) {
2959 0 : return;
2960 : }
2961 :
2962 : /*
2963 : * If we are part of a memory limited context hierarchy
2964 : * we need to subtract the memory used from the counters
2965 : */
2966 :
2967 20 : limit_shrink_size = tc->size+TC_HDR_SIZE;
2968 :
2969 : /*
2970 : * If we're deallocating a pool, take into
2971 : * account the prefix size added for the pool.
2972 : */
2973 :
2974 20 : if (tc->flags & TALLOC_FLAG_POOL) {
2975 2 : limit_shrink_size += TP_HDR_SIZE;
2976 : }
2977 :
2978 30 : talloc_memlimit_shrink(tc->limit, limit_shrink_size);
2979 :
2980 20 : if (tc->limit->parent == tc) {
2981 10 : free(tc->limit);
2982 : }
2983 :
2984 20 : tc->limit = NULL;
2985 : }
2986 :
2987 : /*
2988 : Increase memory limit accounting after a malloc/realloc.
2989 : */
2990 35581802240 : static void talloc_memlimit_grow(struct talloc_memlimit *limit,
2991 : size_t size)
2992 : {
2993 : struct talloc_memlimit *l;
2994 :
2995 36604450101 : for (l = limit; l != NULL; l = l->upper) {
2996 30 : size_t new_cur_size = l->cur_size + size;
2997 30 : if (new_cur_size < l->cur_size) {
2998 0 : talloc_abort("logic error in talloc_memlimit_grow\n");
2999 0 : return;
3000 : }
3001 30 : l->cur_size = new_cur_size;
3002 : }
3003 : }
3004 :
3005 : /*
3006 : Decrease memory limit accounting after a free/realloc.
3007 : */
3008 50761194 : static void talloc_memlimit_shrink(struct talloc_memlimit *limit,
3009 : size_t size)
3010 : {
3011 : struct talloc_memlimit *l;
3012 :
3013 51878699 : for (l = limit; l != NULL; l = l->upper) {
3014 44 : if (l->cur_size < size) {
3015 0 : talloc_abort("logic error in talloc_memlimit_shrink\n");
3016 0 : return;
3017 : }
3018 44 : l->cur_size = l->cur_size - size;
3019 : }
3020 : }
3021 :
3022 18 : _PUBLIC_ int talloc_set_memlimit(const void *ctx, size_t max_size)
3023 : {
3024 18 : struct talloc_chunk *tc = talloc_chunk_from_ptr(ctx);
3025 : struct talloc_memlimit *orig_limit;
3026 18 : struct talloc_memlimit *limit = NULL;
3027 :
3028 18 : if (tc->limit && tc->limit->parent == tc) {
3029 8 : tc->limit->max_size = max_size;
3030 8 : return 0;
3031 : }
3032 10 : orig_limit = tc->limit;
3033 :
3034 10 : limit = malloc(sizeof(struct talloc_memlimit));
3035 10 : if (limit == NULL) {
3036 0 : return 1;
3037 : }
3038 10 : limit->parent = tc;
3039 10 : limit->max_size = max_size;
3040 15 : limit->cur_size = _talloc_total_limit_size(ctx, tc->limit, limit);
3041 :
3042 10 : if (orig_limit) {
3043 6 : limit->upper = orig_limit;
3044 : } else {
3045 4 : limit->upper = NULL;
3046 : }
3047 :
3048 5 : return 0;
3049 : }
|
