X-Git-Url: https://git.ozlabs.org/?p=ccan;a=blobdiff_plain;f=ccan%2Ftalloc%2Ftalloc.h;h=fb2cbad7446d013076971da5c4e5a227426c9402;hp=e38d05b8095ca9d55abdbd8e9ac833e31ca08c0c;hb=f4b1f445a7b21b1599530afb897ef54efe15479d;hpb=d419d5c947a4191aa5dffdcb7c5142ce58457d3d

diff --git a/ccan/talloc/talloc.h b/ccan/talloc/talloc.h
index e38d05b8..fb2cbad7 100644
--- a/ccan/talloc/talloc.h
+++ b/ccan/talloc/talloc.h
@@ -27,6 +27,7 @@
 #include <stdio.h>
 #include <stdarg.h>
 #include <ccan/typesafe_cb/typesafe_cb.h>
+#include <ccan/compiler/compiler.h>
 #include "config.h"
 
 /*
@@ -39,16 +40,6 @@
 #define __location__ __FILE__ ":" __TALLOC_STRING_LINE3__
 #endif
 
-#if HAVE_ATTRIBUTE_PRINTF
-/** Use gcc attribute to check printf fns.  a1 is the 1-based index of
- * the parameter containing the format, and a2 the index of the first
- * argument. Note that some gcc 2.x versions don't handle this
- * properly **/
-#define PRINTF_ATTRIBUTE(a1, a2) __attribute__ ((format (__printf__, a1, a2)))
-#else
-#define PRINTF_ATTRIBUTE(a1, a2)
-#endif
-
 /* try to make talloc_set_destructor() and talloc_steal() type safe,
    if we have a recent gcc */
 #if HAVE_TYPEOF
@@ -87,6 +78,30 @@
  */
 #define talloc(ctx, type) (type *)talloc_named_const(ctx, sizeof(type), #type)
 
+/**
+ * talloc_set - allocate dynamic memory for a type, into a pointer
+ * @ptr: pointer to the pointer to assign.
+ * @ctx: context to be parent of this allocation, or NULL.
+ *
+ * talloc_set() does a talloc, but also adds a destructor which will make the
+ * pointer invalid when it is freed.  This can find many use-after-free bugs.
+ *
+ * Note that the destructor is chained off a zero-length allocation, and so
+ * is not affected by talloc_set_destructor().
+ *
+ * Example:
+ *	unsigned int *a;
+ *	a = talloc(NULL, unsigned int);
+ *	talloc_set(&b, a, unsigned int);
+ *	talloc_free(a);
+ *	*b = 1; // This will crash!
+ *
+ * See Also:
+ *	talloc.
+ */
+#define talloc_set(pptr, ctx) \
+	_talloc_set((pptr), (ctx), sizeof(&**(pptr)), __location__)
+
 /**
  * talloc_free - free talloc'ed memory and its children
  * @ptr: the talloced pointer to free
@@ -172,7 +187,7 @@ int talloc_free(const void *ptr);
  *	talloc, talloc_free
  */
 #define talloc_set_destructor(ptr, function)				      \
-	_talloc_set_destructor((ptr), typesafe_cb(int, (function), (ptr)))
+	_talloc_set_destructor((ptr), typesafe_cb_def(int, (function), (ptr)))
 
 /**
  * talloc_zero - allocate zeroed dynamic memory for a type
@@ -940,6 +955,7 @@ void *talloc_add_external(const void *ctx,
 
 /* The following definitions come from talloc.c  */
 void *_talloc(const void *context, size_t size);
+void _talloc_set(void *ptr, const void *ctx, size_t size, const char *name);
 void _talloc_set_destructor(const void *ptr, int (*destructor)(void *));
 size_t talloc_reference_count(const void *ptr);
 void *_talloc_reference(const void *context, const void *ptr);