For review: GSS memory allocation patch

Greg Hudson ghudson at MIT.EDU
Fri Oct 14 13:57:50 EDT 2011


On 10/14/2011 12:38 PM, Kevin Wasserman wrote:
> I am a liar.  It did previously free list as well and properly
> set the pointer to NULL.  So do you actually want to lose the
> indirection and leave the caller with a dangling pointer
> to freed memory?

Yes, just like free() does.  The caller should set its pointer to NULL
immediately after destroying it via data_list_to_buffer_set() so it
doesn't double-free.

> Also, apologies if I'm being dense, but I'm not sure I understand
> what you mean by "the caller should not fail when the output
> attribute parameter is NULL."  I'm not seeing where the caller
> is failing in that case.

As Sam said, the mechglue should avoid calling into the mech if attrs is
NULL, since the caller doesn't want attributes.  This is not your
responsibility, though.

Arguably, the mechanism function should also behave appropriately if
called with attrs == NULL, on the principle that the SPI and API
contracts should be similar if they look similar.  This is not terribly
important if the mechglue function is fixed, and is not your
responsibility anyway, but it may be convenient to make it happen when
cleaning up the helper contract.
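
The contract discussed in this message, as an added example that is not part of the original post or of krb5's code: a helper that consumes its list the way free() does and tolerates a NULL output pointer, with a caller that NULLs its own pointer before shared cleanup. The types and the names `list_to_set` and `convert` are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the list and buffer-set types (not krb5's). */
struct item { char *data; };                 /* list ends at data == NULL */
struct buf_set { size_t count; struct item *elems; };

static void free_list(struct item *l)
{
    for (size_t i = 0; l != NULL && l[i].data != NULL; i++)
        free(l[i].data);
    free(l);
}

/* Consumes `list` on success and failure alike; `out` may be NULL. */
static int list_to_set(struct item *list, struct buf_set **out)
{
    struct buf_set *set = (out != NULL) ? malloc(sizeof(*set)) : NULL;

    if (out != NULL)
        *out = set;
    if (set == NULL) {                /* attrs not wanted, or out of memory */
        free_list(list);
        return (out == NULL) ? 0 : -1;
    }
    set->elems = list;                /* ownership moves into the set */
    for (set->count = 0; list != NULL && list[set->count].data != NULL;)
        set->count++;
    return 0;
}

/* Caller: NULL the pointer right after the consuming call, so the shared
 * cleanup path cannot free it twice.  Returns the element count, or -1. */
static long convert(size_t n, int want_attrs)
{
    struct item *list = calloc(n + 1, sizeof(*list));
    struct buf_set *set = NULL;
    long count = -1;

    for (size_t i = 0; list != NULL && i < n; i++) {
        if ((list[i].data = malloc(5)) == NULL)
            goto cleanup;             /* list is still ours here */
        memcpy(list[i].data, "attr", 5);
    }
    if (list != NULL && list_to_set(list, want_attrs ? &set : NULL) == 0)
        count = (set != NULL) ? (long)set->count : 0;
    list = NULL;                      /* consumed, whatever the result */
cleanup:
    free_list(set != NULL ? set->elems : NULL);
    free(set);
    free_list(list);
    return count;
}
```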


