BIND 10 trac2850_4, updated. cc489915a21327fff39fad6767649c6b2b55ec79 [2850] Update code to use safer ZoneTable::create()
BIND 10 source code commits
bind10-changes at lists.isc.org
Mon May 20 07:27:14 UTC 2013
The branch, trac2850_4 has been updated
via cc489915a21327fff39fad6767649c6b2b55ec79 (commit)
from f91e51c212f329dffb26d50643d41a7d27552227 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit cc489915a21327fff39fad6767649c6b2b55ec79
Author: Mukund Sivaraman <muks at isc.org>
Date: Mon May 20 12:56:06 2013 +0530
[2850] Update code to use safer ZoneTable::create()
-----------------------------------------------------------------------
Summary of changes:
src/lib/datasrc/memory/zone_table.cc | 2 +-
src/lib/datasrc/memory/zone_table.h | 3 +-
.../datasrc/memory/zone_table_segment_mapped.cc | 42 ++++++--------------
3 files changed, 16 insertions(+), 31 deletions(-)
-----------------------------------------------------------------------
diff --git a/src/lib/datasrc/memory/zone_table.cc b/src/lib/datasrc/memory/zone_table.cc
index 2ecf14a..abcc235 100644
--- a/src/lib/datasrc/memory/zone_table.cc
+++ b/src/lib/datasrc/memory/zone_table.cc
@@ -59,7 +59,7 @@ ZoneTable::create(util::MemorySegment& mem_sgmt, const RRClass& zone_class) {
}
void
-ZoneTable::destroy(util::MemorySegment& mem_sgmt, ZoneTable* ztable)
+ZoneTable::destroy(util::MemorySegment& mem_sgmt, ZoneTable* ztable, int)
{
ZoneTableTree::destroy(mem_sgmt, ztable->zones_.get(),
boost::bind(deleteZoneData, &mem_sgmt, _1,
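Review bot: The third parameter added to `ZoneTable::destroy()` is an unnamed `int` with no comment here, and the Doxygen block in the zone_table.h hunk gains no matching description, so a reader cannot tell that the value is ignored. It appears to exist only so that `SegmentObjectHolder<ZoneTable, int>` in zone_table_segment_mapped.cc can pass its extra argument through. If that is the intent, state it at the declaration, for example `int /*unused*/ = 0` plus a line such as `/// The trailing int is ignored; it lets SegmentObjectHolder call destroy().`. The body of `destroy()` continues past the end of this hunk.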
diff --git a/src/lib/datasrc/memory/zone_table.h b/src/lib/datasrc/memory/zone_table.h
index d3bf903..db97b3c 100644
--- a/src/lib/datasrc/memory/zone_table.h
+++ b/src/lib/datasrc/memory/zone_table.h
@@ -147,7 +147,8 @@ public:
/// \param ztable A non NULL pointer to a valid \c ZoneTable object
/// that was originally created by the \c create() method (the behavior
/// is undefined if this condition isn't met).
- static void destroy(util::MemorySegment& mem_sgmt, ZoneTable* ztable);
+ static void destroy(util::MemorySegment& mem_sgmt, ZoneTable* ztable,
+ int = 0);
/// \brief Return the number of zones contained in the zone table.
///
diff --git a/src/lib/datasrc/memory/zone_table_segment_mapped.cc b/src/lib/datasrc/memory/zone_table_segment_mapped.cc
index e65b138..043d4e7 100644
--- a/src/lib/datasrc/memory/zone_table_segment_mapped.cc
+++ b/src/lib/datasrc/memory/zone_table_segment_mapped.cc
@@ -13,12 +13,15 @@
// PERFORMANCE OF THIS SOFTWARE.
#include <datasrc/memory/zone_table_segment_mapped.h>
+#include <datasrc/memory/zone_table.h>
+#include <datasrc/memory/segment_object_holder.h>
#include <memory>
using namespace isc::data;
using namespace isc::dns;
using namespace isc::util;
+using isc::datasrc::memory::detail::SegmentObjectHolder;
namespace isc {
namespace datasrc {
@@ -129,35 +132,16 @@ ZoneTableSegmentMapped::processHeader(MemorySegmentMapped& segment,
return (false);
}
- void* ptr = NULL;
- while (!ptr) {
- try {
- ptr = segment.allocate(sizeof(ZoneTableHeader));
- } catch (const MemorySegmentGrown&) {
- // Do nothing and try again.
- }
- }
- try {
- // FIXME: in theory this code is not safe:
- // - ZoneTable::create could throw MemorySegmentGrown, leaking
- // ptr
- // - even on successful return from ZoneTable::create(), ptr
- // could be relocated due to its internal implementation detail
- // So, to make it 100% safe we should protect both ptr and
- // zone table in something similar to SegmentObjectHolder, get
- // their addresses via the holder's get() method, and expect
- // MemorySegmentGrown and handle it. However, in this specific
- // context the segment should have sufficient capacity in practice
- // and the above cases are extremely unlikely to happen. So
- // we go for simpler code for now.
- ZoneTableHeader* new_header = new(ptr)
- ZoneTableHeader(ZoneTable::create(segment, rrclass_));
- segment.setNamedAddress(ZONE_TABLE_HEADER_NAME, new_header);
- } catch (const MemorySegmentGrown&) {
- // This is extremely unlikely and we just throw a fatal
- // exception here without attempting to recover.
-
- throw std::bad_alloc();
+ while (true) {
+ try {
+ SegmentObjectHolder<ZoneTable, int> zt_holder(segment, 0);
+ zt_holder.set(ZoneTable::create(segment, rrclass_));
+ void* ptr = segment.allocate(sizeof(ZoneTableHeader));
+ ZoneTableHeader* new_header = new(ptr)
+ ZoneTableHeader(zt_holder.release());
+ segment.setNamedAddress(ZONE_TABLE_HEADER_NAME, new_header);
+ break;
+ } catch (const MemorySegmentGrown&) {}
}
}
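Review bot: Ownership of the table is given up at `zt_holder.release()` before `segment.setNamedAddress()` runs, yet that call is still inside the `try` whose handler swallows `MemorySegmentGrown`. If `setNamedAddress()` can throw that exception (its contract is not visible here), the loop retries without freeing the header block from `allocate()` or the released `ZoneTable`, and both stay allocated in the mapped segment. Consider building the header from `zt_holder.get()`, calling `zt_holder.release();` only after `setNamedAddress()` has returned, and deallocating `ptr` on the retry path. The empty `catch` should also carry a comment saying why retrying is safe and why no retry bound is needed, since the removed code treated this case as fatal. `processHeader()` begins before this hunk.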