126921 - mismatches between C runtime library memory allocation functions and NSPR memory allocation functions

Status: NEW

(NSS :: Libraries, defect, P3)

Description

[Julien Pierre]

I believe we have many places in the NSS code where we are assuming PR_Free will
work on a pointer allocated from the standard C lib. For example, in our
headers, PR_Strdup is a macro to strdup (except on Mac). Then we try to free it
with PR_Free. This can cause problems especially with the zone allocator.
This scenario actually happens in the PKCS#11 module initialization code where
the  module name gets duplicated.

It normally doesn't get exposed because PR_Free maps to free() most of the time,
and works. Even with the zone allocator, if we don't find it in the zone map, we
fall back to free(). This can mask many problems like double-frees.

I actually ran into this on NT because I had a mismatch of runtime libraries for
NSS, NSPR and the web server I was running on. NSPR was built in OBJD mode and
the free caused an assertion in the MS runtime library.

I would suggest that we should have a way to make the zone allocator assert in
cases where the block to free isn't found in the zones. For NT we could force
that to occur in the OBJD builds since we have to do them anyway.
For other platforms I suggest an environment variable. Using that, we can then
debug all of our invalid malloc/PR_Malloc vs PR_free/free assumptions and clean
up our code.

Comment 1

[Wan-Teh Chang]

The PORT_Strdup problem that Julien mentioned has been
fixed in bug 131057.

Comment 2

[Wan-Teh Chang]

Changed the QA contact to Bishakha.

Comment 3

[Wan-Teh Chang]

Set target milestone to NSS 3.5.

Comment 4

[Wan-Teh Chang]

Moved to target milestone 3.8 because the original
NSS 3.7 release has been renamed 3.8.

Comment 5

[Nelson Bolyard (seldom reads bugmail)]

Remove target milestone of 3.8, since these bugs didn't get into that release.

Comment 6

[Kirk Erickson]

Target Milestone: 3.9