[YAMos-dev] Re: Preventing use of invalid pointers

  • From: Jens Langner <Jens.Langner@xxxxxxxxxxxxxx>
  • To: yamos-dev@xxxxxxxxxxxxx
  • Date: Mon, 13 Nov 2006 18:23:47 +0100

Thore Böckelmann schrieb:

>> As said in my last mail. You might consider doing that in the
>> RemoveMailFromList() function in YAM_UT.c instead.
> That doesn't help much. RemoveMailFromList() is called from just three
> different places (YAM_MA.c/MA_DeleteSingle() and MA_MoveCopySingle() and
> YAM_WR.c/WR_NewMail()). In all three cases the used pointer is not used
> anymore in these functions, so there is no problem. The problem is
> located in the calling functions, where the embedded mail pointer in
> each function separately, because RemoveMailFromList() doesn't know
> about any references to the freed structure by any other structure.

Well, my idea was to search through all possible structures (mostly the
ReadMailData structures in the readmail data list) in
RemoveMailFromList(). That would solve the general issue. I mean, we
could easily add some logic before the final "free(mail)" in
RemoveMailFromList() where we search through all ReadMailData
structures, comparing the pointer and setting it to NULL if it matches.
That was the idea.

> So we have 3 locations to fix: ReadMailGroup.c/DeleteMail,
> ReadWindow.c/DeleteMailRequest and ReadWindow.c/MoveMailRequest.

I saw your fix. Ok. However, please think about it again as fixing it at
the root would probably be a better approach IMHO.

> What happens if you have one mail displayed in a window/group, then
> select several mails in the mail list including the one being displayed
> and then move these to another folder? There is no specific mail pointer
> involved, since MA_MoveCopy() gets a NULL pointer passed in and gets the
> mails to be moved it self. The open read window would then still have an
> invalid pointer to a no longer existing struct Mail. MA_DeleteSingle()
> handles open write windows, but what about read windows? Are these
> handled implicitly? Or does an open read window have its own complete
> copy of a mail?

Well, I dunno it out of my mind, but in such a case the mail pointer
should either be set to the new one or the window closed/removed.

> What about an embedded struct MinList in struct Mail, which contains all
> struct ReadMailData nodes which refer to this mail? That would of course
> require an addition struct MinNode in struct ReadMailData, because the
> existing one is already use for another list.
> With such a list all pending references to a mail could be NULLed before
> the pointer is actually freed. But the question is, if this is really
> necessary and if it is worth the effort...

A new struct MinList would really be too much, I guess.

Jens Langner                                         Ph: +49-172-4452254
Rißweg 27b
01324 Dresden                                Jens.Langner@xxxxxxxxxxxxxx
Germany                                      http://www.jens-langner.de/
YAM developer mailing list - http://www.freelists.org/list/yamos-dev
Listserver help...: mailto:yamos-dev-request@xxxxxxxxxxxxx?subject=HELP
Unsubscribe: mailto:yamos-dev-request@xxxxxxxxxxxxx?subject=UNSUBSCRIBE

Other related posts: