summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJustus Winter <4winter@informatik.uni-hamburg.de>2014-06-16 17:34:22 +0200
committerJustus Winter <4winter@informatik.uni-hamburg.de>2014-06-18 15:57:00 +0200
commit8821d8a213008eb723414c6c70de384830ea10d7 (patch)
tree82875946d15768a8249ba5db517322c671ad67de
parent470972f3f854e92ee1cc8f1e2ada8412a2b97956 (diff)
libports: avoid realloc(3) corner case
If the size argument is 0, realloc may either return NULL, or return a pointer that is only valid for use with free(3). In either case, the memory is freed. So if realloc would return NULL (it does not on GNU), the current code would double free p. Found using the Clang Static Analyzer. * libports/bucket-iterate.c (_ports_bucket_class_iterate): Avoid calling realloc if no ports were matched.
-rw-r--r--libports/bucket-iterate.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/libports/bucket-iterate.c b/libports/bucket-iterate.c
index babc2045..2d1b00d8 100644
--- a/libports/bucket-iterate.c
+++ b/libports/bucket-iterate.c
@@ -65,7 +65,7 @@ _ports_bucket_class_iterate (struct port_bucket *bucket,
}
pthread_mutex_unlock (&_ports_lock);
- if (n != nr_items)
+ if (n != 0 && n != nr_items)
{
/* We allocated too much. Release unused memory. */
void **new = realloc (p, n * sizeof *p);