[PATCH 1/4] Add new public header gssapi_alloc.h

Sam Hartman hartmans at painless-security.com
Thu Oct 6 13:25:30 EDT 2011 

From: Kevin Wasserman <kevin.wasserman at painless-security.com>

Contains allocator methods for use with mechanisms and mechglues for
allocations that must be made in one module but freed in another.
On windows, an allocation made in one module cannot safely be freed in
another using the usual c runtime malloc/free; runtime dll mismatch will
cause heap corruption in that case.  But it is safe to instead directly
use HeapAlloc()/HeapFree() specifying the default process heap.

Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
---
 src/Makefile.in                       |    1 +
 src/include/Makefile.in               |    2 +-
 src/lib/gssapi/Makefile.in            |    1 +
 src/lib/gssapi/generic/Makefile.in    |    5 +++-
 src/lib/gssapi/generic/gssapi_alloc.h |   47 +++++++++++++++++++++++++++++++++
 src/util/gss-kernel-lib/Makefile.in   |    3 ++
 src/util/gss-kernel-lib/deps          |    4 +-
 7 files changed, 59 insertions(+), 4 deletions(-)
 create mode 100644 src/lib/gssapi/generic/gssapi_alloc.h

diff --git a/src/Makefile.in b/src/Makefile.in
index 81e5992..72d71e3 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -547,6 +547,7 @@ install-windows::
 	copy include\profile.h "$(KRB_INSTALL_DIR)\include\."
 	copy include\com_err.h "$(KRB_INSTALL_DIR)\include\."
 	copy include\gssapi\gssapi.h "$(KRB_INSTALL_DIR)\include\gssapi\."
+	copy include\gssapi\gssapi_alloc.h "$(KRB_INSTALL_DIR)\include\gssapi\."
 	copy include\gssapi\gssapi_krb5.h "$(KRB_INSTALL_DIR)\include\gssapi\."
 	copy include\gssapi\gssapi_ext.h "$(KRB_INSTALL_DIR)\include\gssapi\."
 	copy lib\$(OUTPRE)*.lib "$(KRB_INSTALL_DIR)\lib\."
diff --git a/src/include/Makefile.in b/src/include/Makefile.in
index d6a9b3c..1887031 100644
--- a/src/include/Makefile.in
+++ b/src/include/Makefile.in
@@ -123,7 +123,7 @@ clean-unix::
 clean-windows::
 	$(RM) com_err.h profile.h
 	$(RM) gssapi\gssapi.h gssapi\gssapi_generic.h gssapi\gssapi_krb5.h
-	$(RM) gssapi\gssapi_ext.h gssapi\timestamp
+	$(RM) gssapi\gssapi_alloc.h gssapi\gssapi_ext.h gssapi\timestamp
 	if exist gssapi\nul rmdir /s /q gssapi
 	$(RM) osconf.h autoconf.h autoconf.stamp
 	@echo Making clean in include
diff --git a/src/lib/gssapi/Makefile.in b/src/lib/gssapi/Makefile.in
index 58658fd..4038343 100644
--- a/src/lib/gssapi/Makefile.in
+++ b/src/lib/gssapi/Makefile.in
@@ -50,6 +50,7 @@ EXPORTED_HEADERS= \
 	$(EHDRDIR)$(S)gssapi_krb5.h \
 	$(EHDRDIR)$(S)gssapi_generic.h \
 	$(EHDRDIR)$(S)gssapi.h \
+	$(EHDRDIR)$(S)gssapi_alloc.h \
 	$(EHDRDIR)$(S)gssapi_ext.h
 merged-gssapi-header.h: $(EXPORTED_HEADERS)
 	cat $(EXPORTED_HEADERS) > merged.tmp
diff --git a/src/lib/gssapi/generic/Makefile.in b/src/lib/gssapi/generic/Makefile.in
index a9f6bfd..669ca01 100644
--- a/src/lib/gssapi/generic/Makefile.in
+++ b/src/lib/gssapi/generic/Makefile.in
@@ -17,6 +17,7 @@ EHDRDIR= $(BUILDTOP)$(S)include$(S)gssapi
 
 HDRS=	$(EHDRDIR)$(S)gssapi.h \
 	$(EHDRDIR)$(S)gssapi_generic.h \
+	$(EHDRDIR)$(S)gssapi_alloc.h \
 	$(EHDRDIR)$(S)gssapi_ext.h
 
 MK_EHDRDIR=if test -d $(EHDRDIR); then :; else (set -x; mkdir $(EHDRDIR)); fi
@@ -28,6 +29,8 @@ $(EHDRDIR)$(S)gssapi.h: $(EHDRDIR)$(S)timestamp gssapi.h
 	$(CP) gssapi.h $@
 $(EHDRDIR)$(S)gssapi_generic.h: $(EHDRDIR)$(S)timestamp $(srcdir)$(S)gssapi_generic.h
 	$(CP) $(srcdir)$(S)gssapi_generic.h $@
+$(EHDRDIR)$(S)gssapi_alloc.h: $(EHDRDIR)$(S)timestamp $(srcdir)$(S)gssapi_alloc.h
+	$(CP) $(srcdir)$(S)gssapi_alloc.h $@
 $(EHDRDIR)$(S)gssapi_ext.h: $(EHDRDIR)$(S)timestamp $(srcdir)$(S)gssapi_ext.h
 	$(CP) $(srcdir)$(S)gssapi_ext.h $@
 
@@ -105,7 +108,7 @@ STLIBOBJS = \
 	util_token.o \
 	gssapi_err_generic.o
 
-EXPORTED_HEADERS= gssapi_generic.h gssapi_ext.h
+EXPORTED_HEADERS= gssapi_generic.h  gssapi_ext.h
 EXPORTED_BUILT_HEADERS= gssapi.h
 
 $(OBJS): $(EXPORTED_HEADERS) $(ETHDRS)
diff --git a/src/lib/gssapi/generic/gssapi_alloc.h b/src/lib/gssapi/generic/gssapi_alloc.h
new file mode 100644
index 0000000..980f5cf
--- /dev/null
+++ b/src/lib/gssapi/generic/gssapi_alloc.h
@@ -0,0 +1,47 @@
+/* To the extent possible under law, Painless Security, LLC has waived
+ * all copyright and related or neighboring rights to GSS-API Memory
+ * Management Header. This work is published from: United States.
+ */
+
+#ifndef GSSAPI_ALLOC_H
+#define GSSAPI_ALLOC_H
+
+#ifdef _WIN32
+#include "winbase.h"
+#endif
+#include <string.h>
+
+static inline void
+gssalloc_free(void * value)
+{
+    if (value)
+    {
+#if _WIN32
+        HeapFree(GetProcessHeap(), 0, value);
+#else
+        free(value);
+#endif
+    }
+}
+
+static inline void *
+gssalloc_malloc(size_t size)
+{
+#if _WIN32
+    return HeapAlloc(GetProcessHeap(), 0, size);
+#else
+    return malloc(size);
+#endif
+}
+
+static inline char *
+gssalloc_strdup(const char *str)
+{
+    char *copy = gssalloc_malloc(strlen(str)+1);
+    if (copy) {
+        strcpy(copy, str);
+    }
+    return copy;
+}
+
+#endif
diff --git a/src/util/gss-kernel-lib/Makefile.in b/src/util/gss-kernel-lib/Makefile.in
index 6b9cff5..f0f2f53 100644
--- a/src/util/gss-kernel-lib/Makefile.in
+++ b/src/util/gss-kernel-lib/Makefile.in
@@ -50,6 +50,7 @@ OBJS= \
 HEADERS= \
 	gssapi/gssapi.h \
 	gssapi/gssapi_krb5.h \
+	gssapi/gssapi_alloc.h \
 	gssapi/gssapi_ext.h \
 	gssapi.h \
 	gssapiP_krb5.h \
@@ -150,6 +151,8 @@ gssapi/gssapi.h: gssapi $(GSS_GENERIC_BUILD)/gssapi.h
 	$(CP) $(GSS_GENERIC_BUILD)/gssapi.h $@
 gssapi/gssapi_krb5.h: gssapi $(GSS_KRB5_BUILD)/gssapi_krb5.h
 	$(CP) $(GSS_KRB5_BUILD)/gssapi_krb5.h $@
+gssapi/gssapi_alloc.h: gssapi $(GSS_GENERIC)/gssapi_alloc.h
+	$(CP) $(GSS_GENERIC)/gssapi_alloc.h $@
 gssapi/gssapi_ext.h: gssapi $(GSS_GENERIC)/gssapi_ext.h
 	$(CP) $(GSS_GENERIC)/gssapi_ext.h $@
 gssapiP_krb5.h: $(GSS_KRB5)/gssapiP_krb5.h
diff --git a/src/util/gss-kernel-lib/deps b/src/util/gss-kernel-lib/deps
index 75ba053..d41671e 100644
--- a/src/util/gss-kernel-lib/deps
+++ b/src/util/gss-kernel-lib/deps
@@ -3,7 +3,7 @@
 #
 $(OUTPRE)k5seal.$(OBJEXT): autoconf.h com_err.h gssapi/gssapi.h \
   gssapi/gssapi_ext.h gssapi/gssapi_krb5.h gssapiP_generic.h \
-  gssapiP_krb5.h gssapi_err_generic.h gssapi_err_krb5.h \
+  gssapiP_krb5.h gssapi_err_generic.h gssapi_err_krb5.h  gssapi/gssapi_alloc.h\
   gssapi_generic.h k5-buf.h k5-err.h k5-gmt_mktime.h \
   k5-int-pkinit.h k5-int.h k5-platform.h k5-plugin.h \
   k5-thread.h k5-trace.h k5seal.c krb5.h krb5/authdata_plugin.h \
@@ -94,7 +94,7 @@ $(OUTPRE)util_ordering.$(OBJEXT): autoconf.h com_err.h \
   gssapi_err_generic.h gssapi_generic.h k5-buf.h k5-platform.h \
   k5-thread.h util_ordering.c
 $(OUTPRE)kernel_gss.$(OBJEXT): autoconf.h com_err.h \
-  gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h \
+  gssapi/gssapi.h gssapi/gssapi_ext.h gssapi/gssapi_krb5.h  gssapi/gssapi_alloc.h\
   gssapiP_generic.h gssapiP_krb5.h gssapi_err_generic.h \
   gssapi_err_krb5.h gssapi_generic.h k5-buf.h k5-err.h \
   k5-gmt_mktime.h k5-int-pkinit.h k5-int.h k5-platform.h \
-- 
1.7.6.3

More information about the krbdev mailing list