krb5 commit: Add debug mode to gssapi_alloc.h

Greg Hudson ghudson at MIT.EDU
Sat Aug 11 00:30:29 EDT 2012 

https://github.com/krb5/krb5/commit/8589d81b99db347b7440bc6c21c618aa240d66dc
commit 8589d81b99db347b7440bc6c21c618aa240d66dc
Author: Greg Hudson <ghudson at mit.edu>
Date:   Sat Aug 11 00:05:24 2012 -0400

    Add debug mode to gssapi_alloc.h
    
    Because the gssalloc macros are normally equivalent to malloc and free
    on Unix, we cannot use the full test suite to find cases where we
    allocate with malloc and free with gssalloc_free or vice versa.
    Provide a way to test for this kind of bug (if only in a special build
    configuration) by supporting a DEBUG_GSSALLOC symbol, which causes the
    gssalloc wrappers to be deliberately incompatible with malloc and
    free.

 src/lib/gssapi/generic/gssapiP_generic.h |    2 +-
 src/lib/gssapi/generic/gssapi_alloc.h    |   98 +++++++++++++++++++++++------
 src/lib/gssapi/krb5/gssapiP_krb5.h       |    2 +-
 3 files changed, 79 insertions(+), 23 deletions(-)

diff --git a/src/lib/gssapi/generic/gssapiP_generic.h b/src/lib/gssapi/generic/gssapiP_generic.h
index 1124c51..3fb0c76 100644
--- a/src/lib/gssapi/generic/gssapiP_generic.h
+++ b/src/lib/gssapi/generic/gssapiP_generic.h
@@ -278,7 +278,7 @@ k5buf_to_gss(OM_uint32 *minor,
     OM_uint32 status = GSS_S_COMPLETE;
     char *bp = krb5int_buf_data(input_k5buf);
     output_buffer->length = krb5int_buf_len(input_k5buf)+1;
-#ifdef _WIN32
+#if defined(_WIN32) || defined(DEBUG_GSSALLOC)
     if (output_buffer->length > 0) {
         output_buffer->value = gssalloc_malloc(output_buffer->length);
         if (output_buffer->value) {
diff --git a/src/lib/gssapi/generic/gssapi_alloc.h b/src/lib/gssapi/generic/gssapi_alloc.h
index 9c0f340..9a5cd98 100644
--- a/src/lib/gssapi/generic/gssapi_alloc.h
+++ b/src/lib/gssapi/generic/gssapi_alloc.h
@@ -9,54 +9,110 @@
 
 #ifdef _WIN32
 #include "winbase.h"
-#define USE_HEAPALLOC 1
-#else
-#define USE_HEAPALLOC 0
 #endif
 #include <string.h>
 
+#if defined(_WIN32)
+
 static inline void
-gssalloc_free(void * value)
+gssalloc_free(void *value)
 {
-    if (value) {
-#if USE_HEAPALLOC
+    if (value)
         HeapFree(GetProcessHeap(), 0, value);
-#else
-        free(value);
-#endif
-    }
 }
 
 static inline void *
 gssalloc_malloc(size_t size)
 {
-#if USE_HEAPALLOC
     return HeapAlloc(GetProcessHeap(), 0, size);
-#else
-    return malloc(size);
-#endif
 }
 
 static inline void *
 gssalloc_calloc(size_t count, size_t size)
 {
-#if USE_HEAPALLOC
     return HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, count * size);
-#else
-    return calloc(count, size);
-#endif
 }
 
 static inline void *
 gssalloc_realloc(void *value, size_t size)
 {
-#if USE_HEAPALLOC
     return HeapReAlloc(GetProcessHeap(), 0, value, size);
-#else
+}
+
+#elif defined(DEBUG_GSSALLOC)
+
+/* Be deliberately incompatible with malloc and free, to allow us to detect
+ * mismatched malloc/gssalloc usage on Unix. */
+
+static inline void
+gssalloc_free(void *value)
+{
+    char *p = (char *)value - 8;
+
+    if (value == NULL)
+        return;
+    if (memcmp(p, "gssalloc", 8) != 0)
+        abort();
+    free(p);
+}
+
+static inline void *
+gssalloc_malloc(size_t size)
+{
+    char *p = calloc(size + 8, 1);
+
+    memcpy(p, "gssalloc", 8);
+    return p + 8;
+}
+
+static inline void *
+gssalloc_calloc(size_t count, size_t size)
+{
+    return gssalloc_malloc(count * size);
+}
+
+static inline void *
+gssalloc_realloc(void *value, size_t size)
+{
+    char *p = (char *)value - 8;
+
+    if (value == NULL)
+        return gssalloc_malloc(size);
+    if (memcmp(p, "gssalloc", 8) != 0)
+        abort();
+    return (char *)realloc(p, size) + 8;
+}
+
+#else /* not _WIN32 or DEBUG_GSSALLOC */
+
+/* Normal Unix case, just use free/malloc/calloc/realloc. */
+
+static inline void
+gssalloc_free(void *value)
+{
+    free(value);
+}
+
+static inline void *
+gssalloc_malloc(size_t size)
+{
+    return malloc(size);
+}
+
+static inline void *
+gssalloc_calloc(size_t count, size_t size)
+{
+    return calloc(count, size);
+}
+
+static inline void *
+gssalloc_realloc(void *value, size_t size)
+{
     return realloc(value, size);
-#endif
 }
 
+#endif /* not _WIN32 or DEBUG_GSSALLOC */
+
 static inline char *
 gssalloc_strdup(const char *str)
 {
diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
index 56b025b..8785ec9 100644
--- a/src/lib/gssapi/krb5/gssapiP_krb5.h
+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
@@ -1204,7 +1204,7 @@ data_to_gss(krb5_data *input_k5data, gss_buffer_t output_buffer)
 {
     krb5_error_code code = 0;
     output_buffer->length = input_k5data->length;
-#ifdef _WIN32
+#if defined(_WIN32) || defined(DEBUG_GSSALLOC)
     if (output_buffer->length > 0) {
         output_buffer->value = gssalloc_malloc(output_buffer->length);
         if (output_buffer->value)

More information about the cvs-krb5 mailing list