diff mbox

[V2] fwts_stringextras: free original string on failed realloc

Message ID 20170413100131.27990-1-colin.king@canonical.com
State Accepted
Headers show

Commit Message

Colin Ian King April 13, 2017, 10:01 a.m. UTC 
From: Colin Ian King <colin.king@canonical.com>

A common bug is where realloc fails to allocate and we assume that
the memory being realloc'd was freed. This is not the case, the
NULL return means we need to free the original string to avoid
a memory leak.

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 src/lib/src/fwts_stringextras.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

Comments

Alex Hung April 17, 2017, 5:23 p.m. UTC | #1 
On 2017-04-13 03:01 AM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> A common bug is where realloc fails to allocate and we assume that
> the memory being realloc'd was freed. This is not the case, the
> NULL return means we need to free the original string to avoid
> a memory leak.
>
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>  src/lib/src/fwts_stringextras.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_stringextras.c b/src/lib/src/fwts_stringextras.c
> index f63434b7..f461d030 100644
> --- a/src/lib/src/fwts_stringextras.c
> +++ b/src/lib/src/fwts_stringextras.c
> @@ -58,8 +58,14 @@ char *fwts_realloc_strcat(char *orig, const char *newstr)
>  	size_t newlen = strlen(newstr);
>
>  	if (orig) {
> -		if ((orig = realloc(orig, strlen(orig) + newlen + 1)) == NULL)
> +		char *tmp;
> +
> +		tmp = realloc(orig, strlen(orig) + newlen + 1);
> +		if (!tmp) {
> +			free(orig);
>  			return NULL;
> +		}
> +		orig = tmp;
>  		strcat(orig, newstr);
>  	} else {
>  		if ((orig = malloc(newlen + 1)) == NULL)
>

the "lib:" is missing in the subject, but this can be fixed when 
applying the patch.

Acked-by: Alex Hung <alex.hung@canonical.com>
Ivan Hu April 21, 2017, 2:34 a.m. UTC | #2 
On 04/13/2017 06:01 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> A common bug is where realloc fails to allocate and we assume that
> the memory being realloc'd was freed. This is not the case, the
> NULL return means we need to free the original string to avoid
> a memory leak.
>
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>  src/lib/src/fwts_stringextras.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_stringextras.c b/src/lib/src/fwts_stringextras.c
> index f63434b7..f461d030 100644
> --- a/src/lib/src/fwts_stringextras.c
> +++ b/src/lib/src/fwts_stringextras.c
> @@ -58,8 +58,14 @@ char *fwts_realloc_strcat(char *orig, const char *newstr)
>  	size_t newlen = strlen(newstr);
>
>  	if (orig) {
> -		if ((orig = realloc(orig, strlen(orig) + newlen + 1)) == NULL)
> +		char *tmp;
> +
> +		tmp = realloc(orig, strlen(orig) + newlen + 1);
> +		if (!tmp) {
> +			free(orig);
>  			return NULL;
> +		}
> +		orig = tmp;
>  		strcat(orig, newstr);
>  	} else {
>  		if ((orig = malloc(newlen + 1)) == NULL)
>

Acked-by: Ivan Hu <ivan.hu@canonical.com>
diff mbox

Patch

diff --git a/src/lib/src/fwts_stringextras.c b/src/lib/src/fwts_stringextras.c
index f63434b7..f461d030 100644
--- a/src/lib/src/fwts_stringextras.c
+++ b/src/lib/src/fwts_stringextras.c
@@ -58,8 +58,14 @@  char *fwts_realloc_strcat(char *orig, const char *newstr)
 	size_t newlen = strlen(newstr);
 
 	if (orig) {
-		if ((orig = realloc(orig, strlen(orig) + newlen + 1)) == NULL)
+		char *tmp;
+
+		tmp = realloc(orig, strlen(orig) + newlen + 1);
+		if (!tmp) {
+			free(orig);
 			return NULL;
+		}
+		orig = tmp;
 		strcat(orig, newstr);
 	} else {
 		if ((orig = malloc(newlen + 1)) == NULL)