From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 6733 invoked from network); 12 Apr 2021 15:59:05 -0000
Received: from 1ess.inri.net (216.126.196.35)
  by inbox.vuxu.org with ESMTPUTF8; 12 Apr 2021 15:59:05 -0000
Received: from duke.felloff.net ([216.126.196.34]) by 1ess; Mon Apr 12 11:51:20 -0400 2021
Message-ID: <C8511E7F52CB0889A13607B3C4600519@felloff.net>
Date: Mon, 12 Apr 2021 17:51:09 +0200
From: cinap_lenrek@felloff.net
To: 9front@9front.org
In-Reply-To: <6C9435B0EAB3ECBB65041EE29A4AA82D@9lab.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: virtualized responsive NoSQL high-performance control 
Subject: Re: [9front] upas/Mail: fix multiple suicides (use after free, double free) in mbox.c (patch)
Reply-To: 9front@9front.org
Precedence: bulk

thats idiotic. if you only zero the entries that you free,
you can still have valid pointers after index mbox.nmesg.

if you want really zero all unused entries, you can do it
unconditionally after reading, or just add a second loop
like:

	...
}

mbox.nmesg = j;
while(j < i) mbox.mesg[j++] = nil;

// or use memset?
// memset(&mbox.mesg[j], 0, (i-j)*sizeof(mbox.mesg[0]));

but really, i do not think it is neccesary... tho it can
help when trying to find memory leaks and avoid these
false references.

--
cinap