From 0186592a67a28417f1dabbb1790560d8cd1033d4 Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?= Date: Mon, 18 Nov 2019 14:43:06 -0500 Subject: [PATCH] Fix: invalid use of destructor in dynamic pointer array MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit A dynamic pointer array is built on top of a dynamic array and uses the dynamic array's internal "destructor" field to store the user-specified destructor. lttng_dynamic_pointer_array_remove_pointer currently uses the dynamic array's remove_element directly which causes the user destructor to be called with the underlying storage of the pointer rather than with the pointer itself. This change re-uses the same pattern as lttng_dynamic_pointer_array_reset(), namely using the destructor explicitly and setting it to NULL for the duration of the call to the dynamic array API. Signed-off-by: Jérémie Galarneau --- src/common/dynamic-array.c | 26 ++++++++++++++++++++++++++ src/common/dynamic-array.h | 7 ++----- 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/src/common/dynamic-array.c b/src/common/dynamic-array.c index ac2a6d5aa..094e269a4 100644 --- a/src/common/dynamic-array.c +++ b/src/common/dynamic-array.c @@ -95,6 +95,28 @@ void lttng_dynamic_pointer_array_init( lttng_dynamic_array_init(&array->array, sizeof(void *), destructor); } +LTTNG_HIDDEN +int lttng_dynamic_pointer_array_remove_pointer( + struct lttng_dynamic_pointer_array *array, size_t index) +{ + int ret; + const lttng_dynamic_array_element_destructor destructor = + array->array.destructor; + + /* + * Prevent the destructor from being used by the underlying + * dynamic array. + */ + array->array.destructor = NULL; + if (destructor) { + destructor(lttng_dynamic_pointer_array_get_pointer(array, + index)); + } + ret = lttng_dynamic_array_remove_element(&array->array, index); + array->array.destructor = destructor; + return ret; +} + /* Release any memory used by the dynamic array. */ LTTNG_HIDDEN void lttng_dynamic_pointer_array_reset( @@ -108,6 +130,10 @@ void lttng_dynamic_pointer_array_reset( array, i); array->array.destructor(ptr); } + /* + * Prevent the destructor from being used by the underlying + * dynamic array. + */ array->array.destructor = NULL; } lttng_dynamic_array_reset(&array->array); diff --git a/src/common/dynamic-array.h b/src/common/dynamic-array.h index e97b51d5d..1fbc29b70 100644 --- a/src/common/dynamic-array.h +++ b/src/common/dynamic-array.h @@ -146,12 +146,9 @@ int lttng_dynamic_pointer_array_add_pointer( * count is decreased by one and the following pointers are shifted to * take the place of the removed pointer (if applicable). */ -static inline +LTTNG_HIDDEN int lttng_dynamic_pointer_array_remove_pointer( - struct lttng_dynamic_pointer_array *array, size_t index) -{ - return lttng_dynamic_array_remove_element(&array->array, index); -} + struct lttng_dynamic_pointer_array *array, size_t index); /* Release any memory used by the dynamic array. */ LTTNG_HIDDEN -- 2.34.1