[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH glibc 26/34] hurd: Remove __hurd_local_reply_port

From: Samuel Thibault
Subject: Re: [RFC PATCH glibc 26/34] hurd: Remove __hurd_local_reply_port
Date: Tue, 11 Apr 2023 22:18:45 +0200
User-agent: NeoMutt/20170609 (1.8.3)

Sergey Bugaev, le mar. 11 avril 2023 11:00:27 +0300, a ecrit:
> Side note, I really really dislike this idea of some code still referencing
> port names that are no longer valid / deallocated / reused by someone else.
> This is really prone to use-after-frees. Typically we'd solve this by
> leaving a dead-name right in place of the port, and having
> mig_dealloc_reply_port () dealloc this dead name.

That could be better indeed. Rather than modifying refs under the hood,
let the code manage them.

> But in this case... we're fairly sure that the code really doesn't do
> anything with the name that it has, other than immediately calling
> mig_dealloc_reply_port () on it; and there'd have to be a separate code path
> for deallocating the dead name since mach_port_mod_refs (recv, -1) won't do
> it (mach_port_destroy would handle both, but using that is a terrible idea).
> So in order not to overcomplicate this, in this particular case, it should
> be fine to just deallocate the stored reply port and not what the user has,
> as you're saying. But it definitely needs a comment explaining this.

Completely agree :)

> And maybe an assert (port == arg || port == MACH_PORT_NULL).

If that does indeed work, yes :)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]