We explicitly call free() on a pool which falls to zero, assuming it's
not inside another pool (we crash). Check on creation and explicitly
document this case.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
}
pool_tc = (union talloc_pool_chunk *)talloc_chunk_from_ptr(result);
+ if (unlikely(pool_tc->hdr.c.flags & TALLOC_FLAG_POOLMEM)) {
+ /* We don't handle this correctly, so fail. */
+ talloc_log("talloc: cannot allocate pool off another pool %s\n",
+ talloc_get_name(context));
+ talloc_free(result);
+ return NULL;
+ }
pool_tc->hdr.c.flags |= TALLOC_FLAG_POOL;
pool_tc->hdr.c.pool = tc_pool_first_chunk(pool_tc);
* talloc pool to a talloc parent outside the pool, the whole pool memory is
* not free(3)'ed until that moved chunk is also talloc_free()ed.
*
- * @param[in] context The talloc context to hang the result off.
+ * @param[in] context The talloc context to hang the result off (must not
+ * be another pool).
*
* @param[in] size Size of the talloc pool.
*