Bug 107741

Summary: DBUS_MALLOC attribute on dbus_realloc() is inappropriate
Product: dbus Reporter: Simon McVittie <smcv>
Component: coreAssignee: Simon McVittie <smcv>
Status: RESOLVED FIXED QA Contact: D-Bus Maintainers <dbus>
Severity: normal    
Priority: medium Keywords: patch
Version: git master   
Hardware: Other   
OS: All   
Whiteboard: review+
i915 platform: i915 features:
Attachments: Do not apply __attribute__((__malloc__)) to dbus_realloc()

Description Simon McVittie 2018-08-29 18:45:44 UTC 
Created attachment 141362 [details] [review]
Do not apply __attribute__((__malloc__)) to dbus_realloc()

As noted in GLib commit c879f50f, gcc's interpretation of the malloc
attribute has become more strict over time, which could result in
miscompilation. The new definition is that in addition to assuming
that the returned memory block is newly-allocated, gcc now assumes
that it does not contain any valid pointers. This is OK for
uninitialized or zero-initialized memory returned by dbus_malloc()
or dbus_malloc0(), but not valid for dbus_realloc(), which might be
used for a dynamically-sized array of (structures containing)
valid pointers.

See https://gitlab.gnome.org/GNOME/glib/issues/1465

---

Also proposed for dbus-1.12 and dbus-1.10, since silent miscompilation is scary and the patch is trivial.

The annotation was added by Bug #32710.
Comment 1 Philip Withnall 2018-08-30 09:42:36 UTC 
Comment on attachment 141362 [details] [review]
Do not apply __attribute__((__malloc__)) to dbus_realloc()

Review of attachment 141362 [details] [review]:
-----------------------------------------------------------------

r+++++
Comment 2 Simon McVittie 2018-08-30 16:48:37 UTC 
Thanks, will merge when CI completes (should be in dbus 1.13.8, 1.12.12 and 1.10.28).
Comment 3 Simon McVittie 2018-08-30 17:34:15 UTC 
Fixed in git for 1.13.8, 1.12.12 and 1.10.28

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.