| Message ID | 20170413100549.1247-1-colin.king@canonical.com |
|---|---|
| State | Accepted |
| Headers | show |
On 2017-04-13 03:05 AM, Colin King wrote: > From: Colin Ian King <colin.king@canonical.com> > > A common bug is where realloc fails to allocate and we assume that > the memory being realloc'd was freed. This is not the case, the > NULL return means we need to free the original string to avoid > a memory leak. > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > --- > src/acpica/source/compiler/fwts_iasl_interface.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/src/acpica/source/compiler/fwts_iasl_interface.c b/src/acpica/source/compiler/fwts_iasl_interface.c > index b110c10c..1020512b 100644 > --- a/src/acpica/source/compiler/fwts_iasl_interface.c > +++ b/src/acpica/source/compiler/fwts_iasl_interface.c > @@ -170,8 +170,15 @@ static int fwts_iasl_read_output(const int fd, char **data, size_t *len, bool *e > return 0; > > while ((n = read(fd, buffer, sizeof(buffer))) > 0) { > - if ((*data = realloc(*data, *len + n + 1)) == NULL) > + char *tmp; > + > + tmp = realloc(*data, *len + n + 1); > + if (!tmp) { > + free(*data); > + *data = NULL; > return -1; > + } > + *data = tmp; > memcpy(*data + *len, buffer, n); > *len += n; > (*data)[*len] = '\0'; > Acked-by: Alex Hung <alex.hung@canonical.com>
On 04/13/2017 06:05 PM, Colin King wrote: > From: Colin Ian King <colin.king@canonical.com> > > A common bug is where realloc fails to allocate and we assume that > the memory being realloc'd was freed. This is not the case, the > NULL return means we need to free the original string to avoid > a memory leak. > > Signed-off-by: Colin Ian King <colin.king@canonical.com> > --- > src/acpica/source/compiler/fwts_iasl_interface.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/src/acpica/source/compiler/fwts_iasl_interface.c b/src/acpica/source/compiler/fwts_iasl_interface.c > index b110c10c..1020512b 100644 > --- a/src/acpica/source/compiler/fwts_iasl_interface.c > +++ b/src/acpica/source/compiler/fwts_iasl_interface.c > @@ -170,8 +170,15 @@ static int fwts_iasl_read_output(const int fd, char **data, size_t *len, bool *e > return 0; > > while ((n = read(fd, buffer, sizeof(buffer))) > 0) { > - if ((*data = realloc(*data, *len + n + 1)) == NULL) > + char *tmp; > + > + tmp = realloc(*data, *len + n + 1); > + if (!tmp) { > + free(*data); > + *data = NULL; > return -1; > + } > + *data = tmp; > memcpy(*data + *len, buffer, n); > *len += n; > (*data)[*len] = '\0'; > Acked-by: Ivan Hu <ivan.hu@canonical.com>
diff --git a/src/acpica/source/compiler/fwts_iasl_interface.c b/src/acpica/source/compiler/fwts_iasl_interface.c index b110c10c..1020512b 100644 --- a/src/acpica/source/compiler/fwts_iasl_interface.c +++ b/src/acpica/source/compiler/fwts_iasl_interface.c @@ -170,8 +170,15 @@ static int fwts_iasl_read_output(const int fd, char **data, size_t *len, bool *e return 0; while ((n = read(fd, buffer, sizeof(buffer))) > 0) { - if ((*data = realloc(*data, *len + n + 1)) == NULL) + char *tmp; + + tmp = realloc(*data, *len + n + 1); + if (!tmp) { + free(*data); + *data = NULL; return -1; + } + *data = tmp; memcpy(*data + *len, buffer, n); *len += n; (*data)[*len] = '\0';