On Thu, Aug 22, 2013 at 03:06:11PM -0400, Aaron Schrab wrote:
> There are a number of places where the data for the buffer is
> allocated in a different place than the buffer itself, or where the
> buffer data is a stack variable. That type of API wouldn't work in
> those cases.

Indeed... this is what I was alluding to when I mentioned there were
different ways to handle the memory allocation, and in general I would
prefer using stack-allocated structures to avoid possible memory
corruption issues.

You could go crazy, and have all of these (with whatever names):

  /* allocate both the struct and the data member */
  BUFFER *mutt_buffer_create (BUFFER *b, size_t s, int destroy);

  /* allocate the data, but not the buffer */
  void *mutt_buffer_alloc (BUFFER * const b, size_t s, int destroy);

  /* allocate neither, use stack-allocated stuff */
  void *mutt_buffer_construct (BUFFER * const b, char *data, size_t s)
  {
    /* data has to be (at least cast to) char * (not const) since it's defined
       that way */
    b->data = data;
    b->dsize = s;
    b->dptr = NULL;
    /* nothing to destroy */
    b->destroy = 0;
    /* hand back the data pointer so the void * return type is honoured */
    return b->data;
  }

But this may be overkill. :) I'm not sure how/if "destroy" is used in
existing code, but if it isn't already you can use this such that all
three types of buffers can be passed to buffer_free(). Though I think
you still want two destructors: buffer_free which never free()s the
struct itself, and buffer_destroy which frees both the data and the
struct itself, if destroy is non-zero.
Anyway... I must be very bored today. =8^)
> ------- 8< -----------
>
> Subject: [PATCH] Initialize BUFFER variables
>
> Ensure that BUFFER variables are initialized to prevent later attempts
> to traverse an uninitialized pointer.
> ---
> commands.c | 1 +
> hook.c | 7 +++++--
> imap/command.c | 1 +
> imap/imap.c | 1 +
> 4 files changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/commands.c b/commands.c
> index 13b12dd..357b354 100644
> --- a/commands.c
> +++ b/commands.c
> @@ -618,6 +618,7 @@ void mutt_enter_command (void)
> buffer[0] = 0;
> if (mutt_get_field (":", buffer, sizeof (buffer), M_COMMAND) != 0 ||
> !buffer[0])
> return;
> + mutt_buffer_init (&err);
> err.dsize = STRING;
> err.data = safe_malloc(err.dsize);
> memset (&token, 0, sizeof (token));
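Review bot: The three-line setup in mutt_enter_command (mutt_buffer_init (&err), err.dsize = STRING, err.data = safe_malloc(err.dsize)) is repeated in the hook.c hunks of this same patch, so the next call site added by hand can easily miss the init again. Consider one helper that performs all three steps and calling it from each site, so the initialization cannot be omitted.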
> diff --git a/hook.c b/hook.c
> index 3fdcfb2..f9f8588 100644
> --- a/hook.c
> +++ b/hook.c
> @@ -281,7 +281,8 @@ void mutt_folder_hook (char *path)
> BUFFER err, token;
>
> current_hook_type = M_FOLDERHOOK;
> - +
> + mutt_buffer_init (&err);
> err.dsize = STRING;
> err.data = safe_malloc (err.dsize);
> memset (&token, 0, sizeof (token));
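Review bot: In mutt_folder_hook, err and token are declared together as BUFFER err, token, yet only err gets mutt_buffer_init while token is still cleared with memset (&token, 0, sizeof (token)). Either initialize both the same way or say in the commit message why the memset is sufficient for token, since the stated goal is that BUFFER variables are initialized.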
> @@ -332,7 +333,8 @@ void mutt_message_hook (CONTEXT *ctx, HEADER *hdr, int
> type)
> HOOK *hook;
>
> current_hook_type = type;
> - +
> + mutt_buffer_init (&err);
> err.dsize = STRING;
> err.data = safe_malloc (err.dsize);
> memset (&token, 0, sizeof (token));
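Review bot: The "- +" pair after current_hook_type = type looks like a whitespace-only change to the blank line, and the same pair appears in the mutt_folder_hook hunk above. It is harmless, but it is unrelated to the fix; mention it in the commit message or move it to a separate cleanup commit so the functional change is easier to audit and backport.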
> @@ -476,6 +478,7 @@ void mutt_account_hook (const char* url)
> if (inhook)
> return;
>
> + mutt_buffer_init (&err);
> err.dsize = STRING;
> err.data = safe_malloc (err.dsize);
> memset (&token, 0, sizeof (token));
> diff --git a/imap/command.c b/imap/command.c
> index 4b47de2..6dfeb62 100644
> --- a/imap/command.c
> +++ b/imap/command.c
> @@ -778,6 +778,7 @@ static void cmd_parse_lsub (IMAP_DATA* idata, char* s)
> url_ciss_tostring (&url, buf + 11, sizeof (buf) - 10, 0);
> safe_strcat (buf, sizeof (buf), "\"");
> memset (&token, 0, sizeof (token));
> + mutt_buffer_init (&err);
> err.data = errstr;
> err.dsize = sizeof (errstr);
> if (mutt_parse_rc_line (buf, &token, &err))
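Review bot: The context line at the top of this hunk, url_ciss_tostring (&url, buf + 11, sizeof (buf) - 10, 0), writes from offset 11 but passes a length of sizeof (buf) - 10; if that argument is the space available at the destination, it is one byte larger than what remains, and sizeof (buf) - 11 would match the offset. This is outside what the patch changes, but it is in the same function as the new mutt_buffer_init (&err) call and deserves its own check and fix.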
> diff --git a/imap/imap.c b/imap/imap.c
> index 83b05d6..b263abf 100644
> --- a/imap/imap.c
> +++ b/imap/imap.c
> @@ -1828,6 +1828,7 @@ int imap_subscribe (char *path, int subscribe)
> if (option (OPTIMAPCHECKSUBSCRIBED))
> {
> memset (&token, 0, sizeof (token));
> + mutt_buffer_init (&err);
> err.data = errstr;
> err.dsize = sizeof (errstr);
> snprintf (mbox, sizeof (mbox), "%smailboxes \"%s\"",
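Review bot: In imap_subscribe, err.data is set to errstr and err.dsize to sizeof (errstr), so this BUFFER wraps an existing array rather than allocated memory, and nothing in the hunk records that. A one-line comment next to mutt_buffer_init (&err) stating that the data is not owned by the buffer and must not be freed or reallocated through it would protect later edits; the same applies to the identical pattern in cmd_parse_lsub.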
> --
> 1.7.10.4
>
--
Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in
undeliverable mail due to spam prevention. Sorry for the inconvenience.
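
The ownership scheme sketched in the reply above (three ways to set up a buffer, one flag, two destructors), written out as an added example; it is not code from this message or from mutt. The names xbuf and XB_OWN_* are hypothetical, and encoding "destroy" as two ownership bits is an assumption about how the flag could be used.

```c
#include <stdlib.h>

/* Hypothetical stand-in for the BUFFER fields named in the message. */
typedef struct {
  char  *data;     /* start of storage */
  char  *dptr;     /* current position, NULL until used */
  size_t dsize;    /* bytes available at data */
  int    destroy;  /* ownership bits below (assumed encoding) */
} xbuf;
enum { XB_OWN_DATA = 1, XB_OWN_STRUCT = 2 };

/* Caller supplies struct and storage (e.g. a stack array): nothing owned. */
void xbuf_construct(xbuf *b, char *data, size_t s) {
  b->data = data; b->dptr = NULL; b->dsize = s; b->destroy = 0;
}

/* Caller supplies the struct; storage comes from the heap. */
char *xbuf_alloc(xbuf *b, size_t s) {
  xbuf_construct(b, calloc(1, s ? s : 1), s);
  if (b->data) b->destroy = XB_OWN_DATA; else b->dsize = 0;
  return b->data;
}

/* Struct and storage both come from the heap. */
xbuf *xbuf_create(size_t s) {
  xbuf *b = malloc(sizeof *b);
  if (b && !xbuf_alloc(b, s)) { free(b); b = NULL; }
  if (b) b->destroy |= XB_OWN_STRUCT;
  return b;
}

/* Frees data only if owned, never the struct; safe on all three kinds and
   safe to call twice. Returns 1 if memory was released. */
int xbuf_free(xbuf *b) {
  int freed = (b->destroy & XB_OWN_DATA) != 0;
  if (freed) free(b->data);
  b->data = b->dptr = NULL; b->dsize = 0;
  b->destroy &= ~XB_OWN_DATA;   /* a second call must not free again */
  return freed;
}

/* Frees owned data, then the struct if heap-owned (returns NULL then). */
xbuf *xbuf_destroy(xbuf *b) {
  int own_struct = b->destroy & XB_OWN_STRUCT;
  xbuf_free(b);
  if (own_struct) { free(b); return NULL; }
  return b;
}
```

A buffer built with xbuf_construct over a stack array passes through both destructors without any call to free(), which is the property the quoted patch's errstr-backed buffers depend on.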
