Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also .

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also .
base repository: proglottis/gpgme
base: v0.1.0
Choose a base ref
head repository: proglottis/gpgme
compare: v0.1.1
Choose a head ref
  • 6 commits
  • 5 files changed
  • 2 contributors

Commits on Oct 30, 2019

  1. Fix travis-ci builds

    proglottis committed Oct 30, 2019
  2. Merge pull request #21 from proglottis/fix_builds

    Fix travis-ci builds
    proglottis committed Oct 30, 2019

Commits on Jan 10, 2020

  1. Ensure Data is not dellocated while C code is still using it

    As far as Go is concerned, Data.dh and Data.cbc are just values, so it is
    OK to implement
    > cgo_call(d.dh)
    as
    > tmp := d.dh
    > dropReferenceTo(d)
    > // d's finalizer can be called at any point from now on, possibly deallocating d.dh
    > cgo_call(tmp) // possibly using free memory
    
    To fix this, explicitly extend the lifetime of Data:
    > cgo_call(d.dh)
    > runtime.KeepAlive(d)
    becomes
    > tmp := d.dh
    > cgo_call(tmp) // d.dh is certainly still valid
    > dropReferenceTo(d)
    > // d's finalizer can be called from now on, possibly deallocating d.dh
    
    Signed-off-by: Miloslav Trmač <mitr@redhat.com>
    mtrmac committed Jan 10, 2020
  2. Ensure Context is not dellocated while C code is still using it

    As far as Go is concerned, Context.ctx and Context.cbc are just values, so it is
    OK to implement
    > cgo_call(c.ctx)
    as
    > tmp := c.ctx
    > dropReferenceTo(c)
    > // c's finalizer can be called at any point from now on, possibly deallocating c.ctx
    > cgo_call(tmp) // possibly using free memory
    
    To fix this, explicitly extend the lifetime of Context:
    > cgo_call(c.ctx)
    > runtime.KeepAlive(c)
    becomes
    > tmp := c.ctx
    > cgo_call(tmp) // c.ctx is certainly still valid
    > dropReferenceTo(c)
    > // c's finalizer can be called from now on, possibly deallocating c.ctx
    
    To be extra careful, this adds runtime.KeepAlive calls even in cases where the current
    code path necessarily keeps c alive afterwards, so that the patern is clear and so
    that future possible changes to the code don't invalidate this assumption.
    
    Secondarily, in a few cases GPGMe returns internal pointers inside Context.ctx;
    in that case, extend the lifetime of Context until we make a complete copy of
    the data.
    
    As a special case, EngineInfo is now not just a wrapper around a C pointer with
    an unknown lifetime, but we make a full copy of the data when obtaining the pointer
    so that we can safely use it after dropping the context that returned the information,
    or after changing the information and possibly invalidating the pointers.
    
    Signed-off-by: Miloslav Trmač <mitr@redhat.com>
    mtrmac committed Jan 10, 2020
  3. Ensure Key is not dellocated while C code is still using it

    As far as Go is concerned, Key.k is just a value, so it is
    OK to implement
    > cgo_call(k.k)
    as
    > tmp := k.k
    > dropReferenceTo(k)
    > // k's finalizer can be called at any point from now on, possibly deallocating k.k
    > cgo_call(tmp) // possibly using free memory
    
    To fix this, explicitly extend the lifetime of Key:
    > cgo_call(k.k)
    > runtime.KeepAlive(k)
    becomes
    > tmp := k.k
    > cgo_call(tmp) // k.k is certainly still valid
    > dropReferenceTo(k)
    > // k's finalizer can be called from now on, possibly deallocating k.k
    
    Signed-off-by: Miloslav Trmač <mitr@redhat.com>
    mtrmac committed Jan 10, 2020

Commits on Jan 15, 2020

  1. Merge pull request #23 from mtrmac/lifetimes

    Ensure finalizers don't deallocate GPGME objects while C code is still using them
    proglottis committed Jan 15, 2020