
[master] 2948843f1 Introduce VSA_free() and constify suckaddrs
commit 2948843f182ffe1feb27ae8e82bf997775d16020
Author: Poul-Henning Kamp <phk@FreeBSD.org>
Date: Wed Nov 30 20:59:23 2022 +0000

Introduce VSA_free() and constify suckaddrs

Inspired by: CHERI

diff --git a/bin/varnishd/cache/cache_backend_probe.c b/bin/varnishd/cache/cache_backend_probe.c
index 594dc7627..d38a51b72 100644
--- a/bin/varnishd/cache/cache_backend_probe.c
+++ b/bin/varnishd/cache/cache_backend_probe.c
@@ -247,7 +247,7 @@ vbp_write_proxy_v1(struct vbp_target *vt, int *sock)
char addr[VTCP_ADDRBUFSIZE];
char port[VTCP_PORTBUFSIZE];
char vsabuf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;
int proto;
struct vsb vsb;

diff --git a/bin/varnishd/common/heritage.h b/bin/varnishd/common/heritage.h
index 06dbe177d..5b68d96a3 100644
--- a/bin/varnishd/common/heritage.h
+++ b/bin/varnishd/common/heritage.h
@@ -48,7 +48,7 @@ struct listen_sock {
int uds;
char *endpoint;
const char *name;
- struct suckaddr *addr;
+ const struct suckaddr *addr;
const struct transport *transport;
const struct uds_perms *perms;
unsigned test_heritage;
diff --git a/bin/varnishd/mgt/mgt_acceptor.c b/bin/varnishd/mgt/mgt_acceptor.c
index 9b649a7b9..06946389d 100644
--- a/bin/varnishd/mgt/mgt_acceptor.c
+++ b/bin/varnishd/mgt/mgt_acceptor.c
@@ -163,7 +163,7 @@ mk_listen_sock(const struct listen_arg *la, const struct suckaddr *sa)
fail = mac_opensocket(ls);
VJ_master(JAIL_MASTER_LOW);
if (fail) {
- free(ls->addr);
+ VSA_free(&ls->addr);
free(ls->endpoint);
FREE_OBJ(ls);
if (fail != EAFNOSUPPORT)
@@ -199,7 +199,7 @@ mac_tcp(void *priv, const struct suckaddr *sa)
* port number this VTCP_bind() found us, as if
* it was specified by the argv.
*/
- free(ls->addr);
+ VSA_free(&ls->addr);
ls->addr = VTCP_my_suckaddr(ls->sock);
VTCP_myname(ls->sock, abuf, sizeof abuf,
pbuf, sizeof pbuf);
diff --git a/bin/varnishd/mgt/mgt_cli.c b/bin/varnishd/mgt/mgt_cli.c
index 5692335a5..4a21962e9 100644
--- a/bin/varnishd/mgt/mgt_cli.c
+++ b/bin/varnishd/mgt/mgt_cli.c
@@ -552,7 +552,7 @@ mgt_cli_telnet(const char *T_arg)
struct m_addr {
unsigned magic;
#define M_ADDR_MAGIC 0xbc6217ed
- struct suckaddr *sa;
+ const struct suckaddr *sa;
VTAILQ_ENTRY(m_addr) list;
};

diff --git a/bin/varnishtest/vtc_barrier.c b/bin/varnishtest/vtc_barrier.c
index 9b1f6a026..04f5db027 100644
--- a/bin/varnishtest/vtc_barrier.c
+++ b/bin/varnishtest/vtc_barrier.c
@@ -133,7 +133,7 @@ barrier_sock_thread(void *priv)
struct vtclog *vl;
const char *err;
char buf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;

char abuf[VTCP_ADDRBUFSIZE], pbuf[VTCP_PORTBUFSIZE];
int i, sock, *conns;
diff --git a/bin/varnishtest/vtc_client.c b/bin/varnishtest/vtc_client.c
index 883aad017..fb7277d5c 100644
--- a/bin/varnishtest/vtc_client.c
+++ b/bin/varnishtest/vtc_client.c
@@ -42,6 +42,7 @@

#include "vtc.h"

+#include "vsa.h"
#include "vss.h"
#include "vtcp.h"
#include "vus.h"
@@ -75,7 +76,7 @@ static VTAILQ_HEAD(, client) clients = VTAILQ_HEAD_INITIALIZER(clients);
static void
client_proxy(struct vtclog *vl, int fd, int version, const char *spec)
{
- struct suckaddr *sac, *sas;
+ const struct suckaddr *sac, *sas;
char *p, *p2;

p = strdup(spec);
@@ -93,8 +94,8 @@ client_proxy(struct vtclog *vl, int fd, int version, const char *spec)
if (vtc_send_proxy(fd, version, sac, sas))
vtc_fatal(vl, "Write failed: %s", strerror(errno));
free(p);
- free(sac);
- free(sas);
+ VSA_free(&sac);
+ VSA_free(&sas);
}

/**********************************************************************
diff --git a/bin/varnishtest/vtc_haproxy.c b/bin/varnishtest/vtc_haproxy.c
index 7f0e11601..cf71a812e 100644
--- a/bin/varnishtest/vtc_haproxy.c
+++ b/bin/varnishtest/vtc_haproxy.c
@@ -527,7 +527,7 @@ haproxy_create_mcli(struct haproxy *h)
const char *err;
char buf[128], addr[128], port[128];
char vsabuf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;

sock = VTCP_listen_on(default_listen_addr, NULL, 100, &err);
if (err != NULL)
@@ -574,7 +574,7 @@ haproxy_new(const char *name)
const char *err;
const char *env_args;
char vsabuf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;

ALLOC_OBJ(h, HAPROXY_MAGIC);
AN(h);
@@ -864,7 +864,7 @@ haproxy_build_backends(struct haproxy *h, const char *vsb_data)
char buf[128], addr[128], port[128];
const char *err;
char vsabuf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;

p = strstr(p, HAPROXY_BE_FD_STR);
if (!p)
diff --git a/bin/varnishtest/vtc_main.c b/bin/varnishtest/vtc_main.c
index d020b37ec..c61fecc8d 100644
--- a/bin/varnishtest/vtc_main.c
+++ b/bin/varnishtest/vtc_main.c
@@ -49,8 +49,8 @@
#include "vfil.h"
#include "vnum.h"
#include "vrnd.h"
-#include "vss.h"
#include "vsa.h"
+#include "vss.h"
#include "vsub.h"
#include "vtcp.h"
#include "vtim.h"
@@ -605,7 +605,7 @@ i_mode(void)
static void
ip_magic(void)
{
- struct suckaddr *sa;
+ const struct suckaddr *sa;
char abuf[VTCP_ADDRBUFSIZE];
char pbuf[VTCP_PORTBUFSIZE];
char *s;
@@ -621,7 +621,7 @@ ip_magic(void)
AN(sa);
bad_backend_fd = VTCP_bind(sa, NULL);
if (bad_backend_fd < 0) {
- free(sa);
+ VSA_free(&sa);
sa = VSS_ResolveFirst(NULL, "localhost", "0", 0, SOCK_STREAM, 0);
AN(sa);
bad_backend_fd = VTCP_bind(sa, NULL);
@@ -657,7 +657,7 @@ ip_magic(void)
extmacro_def("listen_addr", NULL, "%s", abuf);
default_listen_addr = strdup(abuf);
AN(default_listen_addr);
- free(sa);
+ VSA_free(&sa);

/*
* We need an IP number which will not repond, ever, and that is a
diff --git a/bin/varnishtest/vtc_misc.c b/bin/varnishtest/vtc_misc.c
index 78ec28464..30784d61a 100644
--- a/bin/varnishtest/vtc_misc.c
+++ b/bin/varnishtest/vtc_misc.c
@@ -51,6 +51,7 @@
#include "vnum.h"
#include "vre.h"
#include "vtcp.h"
+#include "vsa.h"
#include "vss.h"
#include "vtim.h"
#include "vus.h"
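Review bot: The added `#include "vsa.h"` sits after `vtcp.h`, so this block now reads vtcp, vsa, vss, vtim and is out of alphabetical order. The same commit reorders vtc_main.c so that `vsa.h` comes before `vss.h`. For consistency I would place `vsa.h` and `vss.h` directly after `vre.h` here and leave `vtcp.h` next to `vtim.h`.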
@@ -356,7 +357,7 @@ cmd_delay(CMD_ARGS)
static int
dns_works(void)
{
- struct suckaddr *sa;
+ const struct suckaddr *sa;
char abuf[VTCP_ADDRBUFSIZE];
char pbuf[VTCP_PORTBUFSIZE];

@@ -365,7 +366,7 @@ dns_works(void)
if (sa == NULL)
return (0);
VTCP_name(sa, abuf, sizeof abuf, pbuf, sizeof pbuf);
- free(sa);
+ VSA_free(&sa);
if (strcmp(abuf, "192.0.2.255"))
return (0);

@@ -373,7 +374,7 @@ dns_works(void)
AF_INET6, SOCK_STREAM, 0);
if (sa == NULL)
return (1); /* the canary is ipv4 only */
- free(sa);
+ VSA_free(&sa);
return (0);
}

@@ -384,14 +385,14 @@ dns_works(void)
static int
ipvx_works(const char *target)
{
- struct suckaddr *sa;
+ const struct suckaddr *sa;
int fd;

sa = VSS_ResolveOne(NULL, target, "0", 0, SOCK_STREAM, 0);
if (sa == NULL)
return (0);
fd = VTCP_bind(sa, NULL);
- free(sa);
+ VSA_free(&sa);
if (fd >= 0) {
VTCP_close(&fd);
return (1);
diff --git a/bin/varnishtest/vtc_server.c b/bin/varnishtest/vtc_server.c
index f09131a24..3942ae92d 100644
--- a/bin/varnishtest/vtc_server.c
+++ b/bin/varnishtest/vtc_server.c
@@ -185,7 +185,7 @@ static void
server_listen_tcp(struct server *s, const char **errp)
{
char buf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;

s->sock = VTCP_listen_on(s->listen, "0", s->depth, errp);
if (*errp != NULL)
diff --git a/bin/varnishtest/vtc_syslog.c b/bin/varnishtest/vtc_syslog.c
index ac988e9af..7dc97db7d 100644
--- a/bin/varnishtest/vtc_syslog.c
+++ b/bin/varnishtest/vtc_syslog.c
@@ -359,7 +359,7 @@ syslog_bind(struct syslog_srv *s)
char aaddr[VTCP_ADDRBUFSIZE];
char aport[VTCP_PORTBUFSIZE];
char buf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;

CHECK_OBJ_NOTNULL(s, SYSLOG_SRV_MAGIC);

diff --git a/bin/varnishtest/vtc_tunnel.c b/bin/varnishtest/vtc_tunnel.c
index 342617c2b..3899cc536 100644
--- a/bin/varnishtest/vtc_tunnel.c
+++ b/bin/varnishtest/vtc_tunnel.c
@@ -583,7 +583,7 @@ static void
tunnel_listen(struct tunnel *t)
{
char buf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;
const char *err;

if (t->lsock >= 0)
diff --git a/flint.lnt b/flint.lnt
index 3724d99f1..af5a93da6 100644
--- a/flint.lnt
+++ b/flint.lnt
@@ -9,6 +9,9 @@
//d__flexelint_v9__=1
+fan

+// No automatic custody
+-ffc
+
-hm4

///////////////////////////////////////////////////////////////////////
diff --git a/include/vsa.h b/include/vsa.h
index 7b7ffb55e..b542b2329 100644
--- a/include/vsa.h
+++ b/include/vsa.h
@@ -42,9 +42,10 @@ int VSA_Sane(const struct suckaddr *);
unsigned VSA_Port(const struct suckaddr *);
int VSA_Compare(const struct suckaddr *, const struct suckaddr *);
int VSA_Compare_IP(const struct suckaddr *, const struct suckaddr *);
-struct suckaddr *VSA_Clone(const struct suckaddr *sua);
-struct suckaddr *VSA_getsockname(int, void *, size_t);
-struct suckaddr *VSA_getpeername(int, void *, size_t);
+const struct suckaddr *VSA_Clone(const struct suckaddr *sua);
+const struct suckaddr *VSA_getsockname(int, void *, size_t);
+const struct suckaddr *VSA_getpeername(int, void *, size_t);
+void VSA_free(const struct suckaddr **);

const void *VSA_Get_Sockaddr(const struct suckaddr *, socklen_t *sl);
int VSA_Get_Proto(const struct suckaddr *);
@@ -52,13 +53,14 @@ int VSA_Get_Proto(const struct suckaddr *);
/*
* 's' is a sockaddr of some kind, 'sal' is its length
*/
-struct suckaddr *VSA_Malloc(const void *s, unsigned sal);
+const struct suckaddr *VSA_Malloc(const void *s, unsigned sal);

/*
- * 'd' SHALL point to vsa_suckaddr_len aligned bytes of storage,
+ * 'd' can point to vsa_suckaddr_len aligned bytes of storage, but
+ * if it is NULL, malloc will be called.
* 's' is a sockaddr of some kind, 'sal' is its length.
*/
-struct suckaddr *VSA_Build(void *d, const void *s, unsigned sal);
+const struct suckaddr *VSA_Build(void *d, const void *s, unsigned sal);

/* 'd' SHALL point to vsa_suckaddr_len aligned bytes of storage
*
@@ -69,7 +71,7 @@ struct suckaddr *VSA_Build(void *d, const void *s, unsigned sal);
* NULL or 0 length argument are ignored.
* argument of the wrong length are an error (NULL return value, EINVAL)
*/
-struct suckaddr * VSA_BuildFAP(void *d, sa_family_t fam,
+const struct suckaddr * VSA_BuildFAP(void *d, sa_family_t fam,
const void *a, unsigned al, const void *p, unsigned pl);

/*
diff --git a/include/vss.h b/include/vss.h
index 4695743b2..5db0bb7e6 100644
--- a/include/vss.h
+++ b/include/vss.h
@@ -36,9 +36,9 @@ int VSS_resolver(const char *addr, const char *def_port, vss_resolved_f *func,
void *priv, const char **err);
int VSS_resolver_socktype(const char *addr, const char *def_port,
vss_resolved_f *func, void *priv, const char **err, int socktype);
-struct suckaddr *VSS_ResolveOne(void *dst,
+const struct suckaddr *VSS_ResolveOne(void *dst,
const char *addr, const char *port,
int family, int socktype, int flags);
-struct suckaddr *VSS_ResolveFirst(void *dst,
+const struct suckaddr *VSS_ResolveFirst(void *dst,
const char *addr, const char *port,
int family, int socktype, int flags);
diff --git a/lib/libvarnish/vsa.c b/lib/libvarnish/vsa.c
index d1f1c91a0..c03fbf91f 100644
--- a/lib/libvarnish/vsa.c
+++ b/lib/libvarnish/vsa.c
@@ -247,10 +247,11 @@ socklen_t sua_len(const struct sockaddr *sa)
* Malloc a suckaddr from a sockaddr of some kind.
*/

-struct suckaddr *
+const struct suckaddr *
VSA_Malloc(const void *s, unsigned sal)
{
- return (VSA_Build(malloc(vsa_suckaddr_len), s, sal));
+
+ return (VSA_Build(NULL, s, sal));
}

/* 'd' SHALL point to vsa_suckaddr_len aligned bytes of storage
@@ -262,7 +263,7 @@ VSA_Malloc(const void *s, unsigned sal)
* NULL or 0 length argument are ignored.
* argument of the wrong length are an error (NULL return value, EINVAL)
*/
-struct suckaddr *
+const struct suckaddr *
VSA_BuildFAP(void *d, sa_family_t fam, const void *a, unsigned al,
const void *p, unsigned pl)
{
@@ -306,20 +307,23 @@ VSA_BuildFAP(void *d, sa_family_t fam, const void *a, unsigned al,
return (NULL);
}

-/* 'd' SHALL point to vsa_suckaddr_len aligned bytes of storage */
-struct suckaddr *
+const struct suckaddr *
VSA_Build(void *d, const void *s, unsigned sal)
{
struct suckaddr *sua;
const struct sockaddr *sa = s;
unsigned l; // for flexelint

- AN(d);
AN(s);
l = sua_len(sa);
if (l == 0 || l != sal)
return (NULL);

+ if (d == NULL) {
+ d = malloc(vsa_suckaddr_len);
+ AN(d);
+ }
+
sua = d;

INIT_OBJ(sua, SUCKADDR_MAGIC);
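Review bot: VSA_Build() now returns either caller-owned storage or a fresh malloc() depending on whether `d` is NULL, yet the hunk deletes the only comment above the function instead of updating it. The returned `const struct suckaddr *` looks the same in both cases, so a caller that passes a result built in a `char buf[vsa_suckaddr_len]` buffer to VSA_free() would hand non-heap memory to free(). I would restore a comment here such as `/* 'd' may be NULL: the result is then malloc'ed and owned by the caller, who releases it with VSA_free(); a result built in caller storage must never be passed to VSA_free(). */`. The body continues past the hunk, so whether a later return path can drop the malloc'ed buffer is not visible from here.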
@@ -399,7 +403,7 @@ VSA_Compare_IP(const struct suckaddr *sua1, const struct suckaddr *sua2)
NEEDLESS(return (-1));
}

-struct suckaddr *
+const struct suckaddr *
VSA_Clone(const struct suckaddr *sua)
{
struct suckaddr *sua2;
@@ -427,7 +431,7 @@ VSA_Port(const struct suckaddr *sua)
}

#define VSA_getname(which) \
-struct suckaddr * \
+const struct suckaddr * \
VSA_get ## which ## name(int fd, void *d, size_t l) \
{ \
struct suckaddr *sua; \
@@ -452,3 +456,13 @@ VSA_get ## which ## name(int fd, void *d, size_t l) \
VSA_getname(sock)
VSA_getname(peer)
#undef VSA_getname
+
+void
+VSA_free(const struct suckaddr **vsap)
+{
+ const struct suckaddr *vsa;
+
+ TAKE_OBJ_NOTNULL(vsa, vsap, SUCKADDR_MAGIC);
+ free(TRUST_ME(vsa));
+}
+
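Review bot: VSA_free() is not a drop-in replacement for the free() calls it supersedes, and nothing at the definition says so. TAKE_OBJ_NOTNULL asserts that `*vsap` is non-NULL and carries SUCKADDR_MAGIC, where free(NULL) was a silent no-op. Resolve_Sockaddr in vcc_utils.c gains explicit `!= NULL` guards in this commit, but the conversions in mk_listen_sock, client_proxy and dyn_dir_init are unguarded, and any NULL checks they have sit outside the visible hunks, so those paths are worth confirming. A header comment would record the contract, for example `/* Free a malloc'ed suckaddr and NULL the caller's pointer; asserts if *vsap is NULL or fails the magic check. */`. The `TRUST_ME(vsa)` cast that drops const for free() also deserves a one-line why-comment.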
diff --git a/lib/libvarnish/vss.c b/lib/libvarnish/vss.c
index 45a3d2f2a..4601f27d5 100644
--- a/lib/libvarnish/vss.c
+++ b/lib/libvarnish/vss.c
@@ -139,7 +139,7 @@ vss_resolve(const char *addr, const char *def_port, int family, int socktype,
return (ret);
}

-static struct suckaddr *
+static const struct suckaddr *
vss_alloc_suckaddr(void *dst, const struct addrinfo *ai)
{

@@ -162,7 +162,7 @@ VSS_resolver_socktype(const char *addr, const char *def_port,
vss_resolved_f *func, void *priv, const char **errp, int socktype)
{
struct addrinfo *res0 = NULL, *res;
- struct suckaddr *vsa;
+ const struct suckaddr *vsa;
int ret;

AN(addr);
@@ -178,7 +178,7 @@ VSS_resolver_socktype(const char *addr, const char *def_port,
vsa = VSA_Malloc(res->ai_addr, res->ai_addrlen);
if (vsa != NULL) {
ret = func(priv, vsa);
- free(vsa);
+ VSA_free(&vsa);
if (ret)
break;
}
@@ -195,12 +195,12 @@ VSS_resolver(const char *addr, const char *def_port, vss_resolved_f *func,
addr, def_port, func, priv, errp, SOCK_STREAM));
}

-struct suckaddr *
+const struct suckaddr *
VSS_ResolveOne(void *dst, const char *addr, const char *def_port,
int family, int socktype, int flags)
{
struct addrinfo *res = NULL;
- struct suckaddr *retval = NULL;
+ const struct suckaddr *retval = NULL;
const char *err;
int ret;

@@ -215,12 +215,12 @@ VSS_ResolveOne(void *dst, const char *addr, const char *def_port,
return (retval);
}

-struct suckaddr *
+const struct suckaddr *
VSS_ResolveFirst(void *dst, const char *addr, const char *def_port,
int family, int socktype, int flags)
{
struct addrinfo *res0 = NULL, *res;
- struct suckaddr *retval = NULL;
+ const struct suckaddr *retval = NULL;
const char *err;
int ret;

diff --git a/lib/libvarnish/vtcp.c b/lib/libvarnish/vtcp.c
index 6c1d154a2..d46142b46 100644
--- a/lib/libvarnish/vtcp.c
+++ b/lib/libvarnish/vtcp.c
@@ -134,7 +134,7 @@ void
VTCP_hisname(int sock, char *abuf, unsigned alen, char *pbuf, unsigned plen)
{
char buf[vsa_suckaddr_len];
- struct suckaddr *sua;
+ const struct suckaddr *sua;

sua = VSA_getpeername(sock, buf, sizeof buf);
if (sua != NULL)
diff --git a/lib/libvcc/vcc_acl.c b/lib/libvcc/vcc_acl.c
index 4ccefea4f..811f0bf3b 100644
--- a/lib/libvcc/vcc_acl.c
+++ b/lib/libvcc/vcc_acl.c
@@ -164,7 +164,7 @@ vcc_acl_chk(struct vcc *tl, const struct acl_e *ae, const int l,
char t[VTCP_ADDRBUFSIZE + 10];
char s[vsa_suckaddr_len];
char *r = NULL;
- struct suckaddr *sa;
+ const struct suckaddr *sa;
unsigned m;
int ll, ret = 0;

diff --git a/lib/libvcc/vcc_utils.c b/lib/libvcc/vcc_utils.c
index 9264200c1..50abffe75 100644
--- a/lib/libvcc/vcc_utils.c
+++ b/lib/libvcc/vcc_utils.c
@@ -173,8 +173,8 @@ struct rss {
unsigned magic;
#define RSS_MAGIC 0x11e966ab

- struct suckaddr *vsa4;
- struct suckaddr *vsa6;
+ const struct suckaddr *vsa4;
+ const struct suckaddr *vsa6;
struct vsb *vsb;
int retval;
int wrong;
@@ -246,8 +246,10 @@ Resolve_Sockaddr(struct vcc *tl,
"(Sorry if that error message is gibberish.)\n",
errid, PF(t_err), err);
vcc_ErrWhere(tl, t_err);
- free(rss->vsa4);
- free(rss->vsa6);
+ if (rss->vsa4 != NULL)
+ VSA_free(&rss->vsa4);
+ if (rss->vsa6 != NULL)
+ VSA_free(&rss->vsa6);
VSB_destroy(&rss->vsb);
ZERO_OBJ(rss, sizeof rss);
return;
@@ -255,11 +257,11 @@ Resolve_Sockaddr(struct vcc *tl,
AZ(error);
if (rss->vsa4 != NULL) {
vcc_suckaddr(tl, host, rss->vsa4, ipv4, ipv4_ascii, p_ascii);
- free(rss->vsa4);
+ VSA_free(&rss->vsa4);
}
if (rss->vsa6 != NULL) {
vcc_suckaddr(tl, host, rss->vsa6, ipv6, ipv6_ascii, p_ascii);
- free(rss->vsa6);
+ VSA_free(&rss->vsa6);
}
if (rss->retval == 0) {
VSB_printf(tl->sb,
diff --git a/vmod/vmod_debug_dyn.c b/vmod/vmod_debug_dyn.c
index 8e9676c2c..2f1a1d180 100644
--- a/vmod/vmod_debug_dyn.c
+++ b/vmod/vmod_debug_dyn.c
@@ -64,7 +64,7 @@ static void
dyn_dir_init(VRT_CTX, struct xyzzy_debug_dyn *dyn,
VCL_STRING addr, VCL_STRING port, VCL_PROBE probe)
{
- struct suckaddr *sa;
+ const struct suckaddr *sa;
VCL_BACKEND dir, dir2;
struct vrt_endpoint vep;
struct vrt_backend vrt;
@@ -105,7 +105,7 @@ dyn_dir_init(VRT_CTX, struct xyzzy_debug_dyn *dyn,
if (dir2 != NULL)
VRT_delete_backend(ctx, &dir2);

- free(sa);
+ VSA_free(&sa);
}

VCL_VOID