ocaml: Fix thread safety of strings in bindings (RHBZ#604691).

There's a thread safety issue with the current OCaml bindings which
is well explained in the bug report:

https://bugzilla.redhat.com/show_bug.cgi?id=604691

This commit fixes the safety issue by copying strings temporarily
before releasing the thread lock.  Updated code looks like this:

  char *filename = guestfs_safe_strdup (g, String_val (filenamev));
  int r;

  caml_enter_blocking_section ();
  r = guestfs_add_drive_ro (g, filename);
  caml_leave_blocking_section ();
  free (filename);
  if (r == -1)
    ocaml_guestfs_raise_error (g, "add_drive_ro");

Also included is a regression test.

1 files changed, 6 insertions, 9 deletions

diff --git a/ocaml/guestfs_c.c b/ocaml/guestfs_c.c
index f7d8dff8..71f416ab 100644
--- a/ocaml/guestfs_c.c
+++ b/ocaml/guestfs_c.c
@@ -136,11 +136,7 @@ ocaml_guestfs_close (value gv)
   CAMLreturn (Val_unit);
 }
 
-/* Copy string array value.
- * The return value is only 'safe' provided we don't allocate anything
- * further on the OCaml heap (ie. cannot trigger the OCaml GC) because
- * that could move the strings around.
- */
+/* Copy string array value. */
 char **
 ocaml_guestfs_strings_val (guestfs_h *g, value sv)
 {
@@ -150,7 +146,7 @@ ocaml_guestfs_strings_val (guestfs_h *g, value sv)
 
   r = guestfs_safe_malloc (g, sizeof (char *) * (Wosize_val (sv) + 1));
   for (i = 0; i < Wosize_val (sv); ++i)
-    r[i] = String_val (Field (sv, i));
+    r[i] = guestfs_safe_strdup (g, String_val (Field (sv, i)));
   r[i] = NULL;
 
   CAMLreturnT (char **, r);
@@ -160,8 +156,9 @@ ocaml_guestfs_strings_val (guestfs_h *g, value sv)
 void
 ocaml_guestfs_free_strings (char **argv)
 {
-  /* Don't free the actual strings - they are String_vals on
-   * the OCaml heap.
-   */
+  unsigned int i;
+
+  for (i = 0; argv[i] != NULL; ++i)
+    free (argv[i]);
   free (argv);
 }