asfgit closed pull request #426: DISPATCH-1225: fill freed memory with a
pattern for debugging
URL: https://github.com/apache/qpid-dispatch/pull/426
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/include/qpid/dispatch/alloc.h b/include/qpid/dispatch/alloc.h
index 1f6a3c85..3ee45661 100644
--- a/include/qpid/dispatch/alloc.h
+++ b/include/qpid/dispatch/alloc.h
@@ -20,6 +20,19 @@
*/
#include "config.h"
+#include <string.h>
+
+
+#if !defined(NDEBUG)
+#define QD_MEMORY_DEBUG 1
+// when debugging fill allocated/deallocated memory
+// to catch uinitialized access or use after free
+#define QD_MEMORY_FREE 0x99
+#define QD_MEMORY_INIT 0x11
+#define QD_MEMORY_FILL(P,C,S) do { if (P) { memset((P),(C),(S)); } } while (0)
+#else
+#define QD_MEMORY_FILL(P,C,S)
+#endif
#if USE_MEMORY_POOL
#include "alloc_pool.h"
diff --git a/include/qpid/dispatch/alloc_malloc.h
b/include/qpid/dispatch/alloc_malloc.h
index 3ba6cf34..12d683e0 100644
--- a/include/qpid/dispatch/alloc_malloc.h
+++ b/include/qpid/dispatch/alloc_malloc.h
@@ -20,6 +20,7 @@
*/
#include <stdint.h>
+#include <string.h>
/**
*@file
@@ -32,9 +33,14 @@
T *new_##T(void); \
void free_##T(T *p)
-#define ALLOC_DEFINE_CONFIG(T,S,A,C) \
- T *new_##T(void) { size_t *a = (A); return (T*) malloc((S)+ (a ? *a : 0));
} \
- void free_##T(T *p) { free(p); } \
+#define ALLOC_DEFINE_CONFIG(T,S,A,C) \
+ T *new_##T(void) { size_t *a = (A); \
+ T *p = malloc((S)+ (a ? *a : 0)); \
+ QD_MEMORY_FILL(p, QD_MEMORY_INIT, (S) + (a ? *a : 0)); \
+ return p; } \
+ void free_##T(T *p) { size_t *a = (A); \
+ QD_MEMORY_FILL(p, QD_MEMORY_FREE, (S) + (a ? *a : 0)); \
+ free(p); } \
void *unused##T
#define ALLOC_DEFINE(T) ALLOC_DEFINE_CONFIG(T, sizeof(T), 0, 0)
diff --git a/src/alloc_pool.c b/src/alloc_pool.c
index 170fd578..28e8da33 100644
--- a/src/alloc_pool.c
+++ b/src/alloc_pool.c
@@ -28,10 +28,6 @@
#include "entity_cache.h"
#include "config.h"
-#if !defined(NDEBUG)
-#define QD_MEMORY_DEBUG 1
-#endif
-
const char *QD_ALLOCATOR_TYPE = "allocator";
typedef struct qd_alloc_type_t qd_alloc_type_t;
@@ -149,6 +145,7 @@ void *qd_alloc(qd_alloc_type_desc_t *desc, qd_alloc_pool_t
**tpool)
item->desc = desc;
item->header = PATTERN_FRONT;
*((uint32_t*) ((char*) &item[1] + desc->total_size))= PATTERN_BACK;
+ QD_MEMORY_FILL(&item[1], QD_MEMORY_INIT, desc->total_size);
#endif
return &item[1];
}
@@ -202,6 +199,7 @@ void *qd_alloc(qd_alloc_type_desc_t *desc, qd_alloc_pool_t
**tpool)
item->desc = desc;
item->header = PATTERN_FRONT;
*((uint32_t*) ((char*) &item[1] + desc->total_size))= PATTERN_BACK;
+ QD_MEMORY_FILL(&item[1], QD_MEMORY_INIT, desc->total_size);
#endif
return &item[1];
}
@@ -224,6 +222,7 @@ void qd_dealloc(qd_alloc_type_desc_t *desc, qd_alloc_pool_t
**tpool, char *p)
assert (*((uint32_t*) (p + desc->total_size)) == PATTERN_BACK);
assert (item->desc == desc); // Check for double-free
item->desc = 0;
+ QD_MEMORY_FILL(p, QD_MEMORY_FREE, desc->total_size);
#endif
//
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
