I did a quick scan of mem-pool.c but failed to notice anything obvious. If you
happen to notice it again, it should be worth a patch.
Mem-pool does zero memory, but none of GF_CALLOC, GF_MALLOC, or
GF_REALLOC do. For example, GF_CALLOC just calls __gf_calloc which just
calls calloc.
??
from TFM:
The calloc() function allocates memory for an array of nmemb
elements of size bytes each and returns a pointer to the allocated
memory. The memory is set to zero.
    req_size = nmemb * size;
    tot_size = req_size + GF_MEM_HEADER_SIZE + GF_MEM_TRAILER_SIZE;

    ptr = calloc (1, tot_size);
The only thing after that is gf_mem_set_acct_info, which doesn't (and
shouldn't) zero memory. Nonetheless, the assumption you refer to is
common in code which calls these functions. Code which has been
converted to use mem-pool is safe, but that leaves a lot of code which
is still unsafe.
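A constructed C model of the allocation path quoted above, added here as an example and not GlusterFS code: a calloc-backed wrapper that stores accounting data in a header and trailer (HDR_SIZE, TRL_SIZE, the header layout and every function name are assumptions, not the project's), a malloc-backed sibling, and a check on whether the caller-visible region is zero. It illustrates the point of the reply: calloc(1, tot_size) zeroes the whole block, the accounting step writes only the header and trailer, and a malloc-based path gives no such guarantee, so a caller that needs zeroed memory from it must clear it explicitly. The size arithmetic is checked for wrap-around in this model; the quoted fragment shows no such check, but whether the real code does it elsewhere is not visible here.

```c
/* Added example, not GlusterFS code: a minimal model of the __gf_calloc path
 * quoted above plus a malloc-backed sibling, to show which bytes end up
 * zeroed. HDR_SIZE, TRL_SIZE, the header layout and all names are assumed. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define HDR_SIZE  32u            /* stands in for GF_MEM_HEADER_SIZE */
#define TRL_SIZE  8u             /* stands in for GF_MEM_TRAILER_SIZE */
#define HDR_MAGIC 0xCAFEBABEu
#define TRL_MAGIC 0xBAADF00Du

struct acct_hdr {                /* must fit inside HDR_SIZE */
    uint32_t magic;
    uint32_t type;
    size_t   size;               /* bytes the caller asked for */
};

/* Stands in for gf_mem_set_acct_info: writes the header and trailer only.
 * The caller's region between them is never touched, so the caller sees
 * whatever the underlying allocator left there. */
static void *set_acct_info(char *block, size_t req_size, uint32_t type)
{
    struct acct_hdr *h = (struct acct_hdr *)block;
    uint32_t trl = TRL_MAGIC;
    h->magic = HDR_MAGIC;
    h->type = type;
    h->size = req_size;
    memcpy(block + HDR_SIZE + req_size, &trl, sizeof trl);
    return block + HDR_SIZE;
}

/* nmemb * size + header + trailer, refusing sizes that would wrap around. */
static int total_size(size_t nmemb, size_t size, size_t *tot)
{
    if ((size != 0 && nmemb > SIZE_MAX / size) ||
        nmemb * size > SIZE_MAX - HDR_SIZE - TRL_SIZE)
        return 0;
    *tot = nmemb * size + HDR_SIZE + TRL_SIZE;
    return 1;
}

/* calloc path: calloc(1, tot_size) zeroes the whole block, header, caller
 * region and trailer alike, before the accounting info is written. */
void *model_calloc(size_t nmemb, size_t size, uint32_t type)
{
    size_t tot;
    char *block;
    if (!total_size(nmemb, size, &tot) || (block = calloc(1, tot)) == NULL)
        return NULL;
    return set_acct_info(block, nmemb * size, type);
}

/* malloc path: the caller's region holds whatever malloc returned. Nothing
 * here zeroes it, so a caller that assumes zeroed memory is wrong. */
void *model_malloc(size_t size, uint32_t type)
{
    size_t tot;
    char *block;
    if (!total_size(1, size, &tot) || (block = malloc(tot)) == NULL)
        return NULL;
    return set_acct_info(block, size, type);
}

/* What a caller that needs zeroed memory from the malloc path must do. */
void *model_malloc_zeroed(size_t size, uint32_t type)
{
    void *p = model_malloc(size, type);
    if (p != NULL)
        memset(p, 0, size);
    return p;
}

/* Checks the header, then the trailer, then hands the block back to free(). */
void model_free(void *ptr)
{
    char *block = (char *)ptr - HDR_SIZE;
    struct acct_hdr *h = (struct acct_hdr *)block;
    uint32_t trl;
    if (h->magic != HDR_MAGIC)
        abort();                 /* not ours, or header overwritten */
    memcpy(&trl, block + HDR_SIZE + h->size, sizeof trl);
    if (trl != TRL_MAGIC)
        abort();                 /* trailer overwritten: write past the end */
    free(block);
}

/* 1 if every byte in [p, p + len) is zero. */
int region_is_zero(const void *p, size_t len)
{
    const unsigned char *b = p;
    for (size_t i = 0; i < len; i++)
        if (b[i] != 0)
            return 0;
    return 1;
}
```

region_is_zero is the check to run on a freshly returned region when auditing a caller that relies on zeroed memory: it holds for model_calloc by construction and for model_malloc_zeroed because of the memset, but nothing makes it hold for model_malloc, which is the situation the reply describes for callers of the non-calloc wrappers.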