Commit e8ad2326 authored by Yong Bakos's avatar Yong Bakos Committed by Pekka Paalanen

wl_array: Set data to invalid address after free

Explicitly set the data member to an invalid memory address during
wl_array_release, such that re-using a freed wl_array without re-initializing
causes a crash. In addition, this pointer assignment makes wl_array_release
testable.

Define a constant for the invalid memory address, and add documentation about
this behavior, starting at libwayland version 1.13.

See https://lists.freedesktop.org/archives/wayland-devel/2016-September/031116.htmlSigned-off-by: default avatarYong Bakos <ybakos@humanoriented.com>
Reviewed-by: Eric Engestrom's avatarEric Engestrom <eric.engestrom@imgtec.com>
[Pekka: remove the doc about crashing]
Signed-off-by: Pekka Paalanen's avatarPekka Paalanen <pekka.paalanen@collabora.co.uk>
parent db617960
......@@ -36,6 +36,9 @@
#include "wayland-util.h"
/* Invalid memory address */
#define WL_ARRAY_POISON_PTR (void *) 4
#define ARRAY_LENGTH(a) (sizeof (a) / sizeof (a)[0])
#define container_of(ptr, type, member) ({ \
......
......@@ -102,6 +102,7 @@ WL_EXPORT void
wl_array_release(struct wl_array *array)
{
free(array->data);
array->data = WL_ARRAY_POISON_PTR;
}
WL_EXPORT void *
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment