For review: GSS memory allocation patch

Kevin Wasserman krwasserman at
Fri Oct 14 14:18:30 EDT 2011

Thanks, sorry for being dense; fixes here (including mechanism
dealing with NULL output attr properly, I believe.)

gssalloc-related fixes to naming_exts.c:


-----Original Message----- 
From: Greg Hudson
Sent: Friday, October 14, 2011 1:57 PM
To: Kevin Wasserman
Cc: Sam Hartman ; krbdev at
Subject: Re: For review: GSS memory allocation patch

On 10/14/2011 12:38 PM, Kevin Wasserman wrote:
> I am a liar.  It did previously free list as well and properly
> set the pointer to NULL.  So do you actually want to lose the
> indirection and leave the caller with a dangling pointer
> to freed memory?

Yes, just like free() does.  The caller should set its pointer to NULL
immediately after destroying it via data_list_to_buffer_set() so it
doesn't double-free.

> Also, apologies if I'm being dense, but I'm not sure I understand
> what you mean by "the caller should not fail when the output
> attribute parameter is NULL."  I'm not seeing where the caller
> is failing in that case.

As Sam said, the mechglue should avoid calling into the mech if attrs is
NULL, since the caller doesn't want attributes.  This is not your
responsibility, though.

Arguably, the mechanism function should also behave appropriately if
called with attrs == NULL, on the principal that the SPI and API
contracts should be similar if they look similar.  This is not terribly
important if the mechglue function is fixed, and is not your
responsibility anyway, but it may be convenient to make it happen when
cleaning up the helper contract. 

More information about the krbdev mailing list