[sr-dev] git:master: core/mem: moved safety check for null before range check in *free()

Daniel-Constantin Mierla miconda at gmail.com
Thu Sep 27 15:02:06 CEST 2012 

Module: sip-router
Branch: master
Commit: 927a8a1aa705438d210fc244066a8c5a5b84a746
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=927a8a1aa705438d210fc244066a8c5a5b84a746

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date:   Thu Sep 27 14:57:51 2012 +0200

core/mem: moved safety check for null before range check in *free()

- affects only when memory debug is enabled at compilation
- apparently libssl has some free(0) which makes it not possible to work
  with memory debugging (reported on irc channel)

---

 mem/f_malloc.c |   11 +++++++----
 mem/q_malloc.c |   16 ++++++++++++----
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/mem/f_malloc.c b/mem/f_malloc.c
index e3edf54..e9cbc0b 100644
--- a/mem/f_malloc.c
+++ b/mem/f_malloc.c
@@ -507,18 +507,21 @@ void fm_free(struct fm_block* qm, void* p)
 
 #ifdef DBG_F_MALLOC
 	MDBG("fm_free(%p, %p), called from %s: %s(%d)\n", qm, p, file, func, line);
+#endif
+	if (p==0) {
+		LOG(L_WARN, "WARNING:fm_free: free(0) called\n");
+		return;
+	}
+#ifdef DBG_F_MALLOC
 	if (p>(void*)qm->last_frag || p<(void*)qm->first_frag){
 		LOG(L_CRIT, "BUG: fm_free: bad pointer %p (out of memory block!),"
 				" called from %s: %s(%d) - aborting\n", p,
 				file, func, line);
 		if(likely(cfg_get(core, core_cfg, mem_safety)==0))
 			abort();
+		else return;
 	}
 #endif
-	if (p==0) {
-		LOG(L_WARN, "WARNING:fm_free: free(0) called\n");
-		return;
-	}
 	f=(struct fm_frag*) ((char*)p-sizeof(struct fm_frag));
 #ifdef DBG_F_MALLOC
 	MDBG("fm_free: freeing block alloc'ed from %s: %s(%ld)\n",
diff --git a/mem/q_malloc.c b/mem/q_malloc.c
index fd93edb..4649474 100644
--- a/mem/q_malloc.c
+++ b/mem/q_malloc.c
@@ -435,18 +435,25 @@ void qm_free(struct qm_block* qm, void* p)
 
 #ifdef DBG_QM_MALLOC
 	MDBG("qm_free(%p, %p), called from %s: %s(%d)\n", qm, p, file, func, line);
+#endif
+
+	if (p==0) {
+		LOG(L_WARN, "WARNING:qm_free: free(0) called\n");
+		return;
+	}
+
+#ifdef DBG_QM_MALLOC
 	if (p>(void*)qm->last_frag_end || p<(void*)qm->first_frag){
 		LOG(L_CRIT, "BUG: qm_free: bad pointer %p (out of memory block!)"
 				" called from %s: %s(%d) - aborting\n", p, file, func, line);
 		if(likely(cfg_get(core, core_cfg, mem_safety)==0))
 			abort();
+		else return;
 	}
 #endif
-	if (p==0) {
-		LOG(L_WARN, "WARNING:qm_free: free(0) called\n");
-		return;
-	}
+
 	f=(struct qm_frag*) ((char*)p-sizeof(struct qm_frag));
+
 #ifdef DBG_QM_MALLOC
 	qm_debug_frag(qm, f);
 	if (f->u.is_free){
@@ -455,6 +462,7 @@ void qm_free(struct qm_block* qm, void* p)
 				p, file, func, line, f->file, f->func, f->line);
 		if(likely(cfg_get(core, core_cfg, mem_safety)==0))
 			abort();
+		else return;
 	}
 	MDBG("qm_free: freeing frag. %p alloc'ed from %s: %s(%ld)\n",
 			f, f->file, f->func, f->line);

More information about the sr-dev mailing list