[tor-dev] Remove NULL checks for *_free() calls

tordev123 at Safe-mail.net tordev123 at Safe-mail.net
Mon Aug 31 15:47:06 UTC 2015


-------- Original Message --------
From: Zack Weinberg <zackw at panix.com>
To: tor-dev at lists.torproject.org
Subject: Re: [tor-dev] Remove NULL checks for *_free() calls
Date: Mon, 31 Aug 2015 10:29:31 -0400

> > But you did find some places they forgot to assign NULL after free.
> 
> Unfortunately, setting pointers to 0 after free doesn't help avoid
> double free bugs in practice.  Double frees happen when there are two
> different pointers to the same memory block and both holders think
> it's their responsibility to deallocate the object.  Clearing one
> pointer does precisely nothing to the *other* pointer.

Double free is relatively harmless, you usually get a nice crash or noticeable memory corruption.

What zeroing deleted pointers also gives you is protection against some dangling pointer bugs. Those can be very difficult to track down when the dangling pointer usage is only brief after the free and the bug only manifests itself every full moon.

Tor itself is small and fast enough to be run with a memory debugger. Someone is hopefully doing that and this is a moot point.
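The argument in the exchange above, as an added example that is not from the thread or from Tor's code base: a free-and-null helper protects the one pointer it clears (a stale use becomes a detectable NULL, a second release becomes a no-op) but does nothing for a second holder of the same block. The FREE_AND_NULL macro and the tracking allocator are constructed for this illustration; the tracker reports a repeated release instead of passing it to free() a second time, so the demonstration itself stays well defined.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical free-and-null macro in the spirit of the *_free() helpers
 * the thread discusses (constructed for this example, not Tor's code). */
#define FREE_AND_NULL(p) do { tracked_free(p); (p) = NULL; } while (0)

/* Tiny tracking allocator (constructed): remembers live blocks so that a
 * second release of the same block is counted rather than handed to free(). */
#define MAX_LIVE 16
static void *live[MAX_LIVE];
static int double_frees;

static void *tracked_malloc(size_t n) {
    void *p = malloc(n);
    for (int i = 0; p && i < MAX_LIVE; i++)
        if (!live[i]) { live[i] = p; break; }
    return p;
}

static void tracked_free(void *p) {
    if (!p) return;                     /* like free(NULL): a no-op */
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return; }
    double_frees++;                     /* block is not live: double free */
}

/* Scenario 1: a single holder. After FREE_AND_NULL the stale pointer is
 * NULL (cheap to detect) and releasing it again is harmless. Returns 1. */
int single_owner_ok(void) {
    double_frees = 0;
    char *p = tracked_malloc(8);
    strcpy(p, "tor");
    FREE_AND_NULL(p);
    int dangling_caught = (p == NULL);  /* later code can test for this */
    FREE_AND_NULL(p);                   /* second release: no-op on NULL */
    return dangling_caught && double_frees == 0;
}

/* Scenario 2: two holders of one block. Clearing the owner's pointer leaves
 * the alias dangling and non-NULL, so its release is a double free.
 * Returns the number of double frees the tracker counted (1). */
int aliased_double_frees(void) {
    double_frees = 0;
    char *owner = tracked_malloc(8);
    char *alias = owner;                /* second holder thinks it owns it */
    FREE_AND_NULL(owner);
    if (alias != NULL)                  /* the NULL check cannot help here */
        FREE_AND_NULL(alias);
    return double_frees;
}
```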