bug-grep

[PATCH] dfa: more heap-allocation-related overflow protection


From: Jim Meyering
Subject: [PATCH] dfa: more heap-allocation-related overflow protection
Date: Tue, 21 Jun 2011 10:37:43 +0200

I did a more thorough search through dfa.c for potential heap
allocation problems and found two more.  This fixes them:

From bfd71eeff179f1ddeaefb63860b58941ea95a14f Mon Sep 17 00:00:00 2001
From: Jim Meyering <address@hidden>
Date: Tue, 21 Jun 2011 10:14:45 +0200
Subject: [PATCH] dfa: more heap-allocation-related overflow protection

* src/dfa.c (enlist): Use xnrealloc, not realloc.
Also, remove unnecessary cast-to-(char *).
(dfamust): Use xnmalloc, not malloc.  Before, this code would
return upon malloc failure (xnmalloc exits upon failure), but
later, via the *ALLOC macros, it could already exit, so this
new potential exit point is nothing new.  The same applies
to enlist, since it is called only through dfamust.
---
 src/dfa.c |    8 ++------
 1 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/src/dfa.c b/src/dfa.c
index 0fc6c55..10825f7 100644
--- a/src/dfa.c
+++ b/src/dfa.c
@@ -3712,9 +3712,7 @@ enlist (char **cpp, char *new, size_t len)
         cpp[i] = NULL;
       }
   /* Add the new string. */
-  cpp = realloc((char *) cpp, (i + 2) * sizeof *cpp);
-  if (cpp == NULL)
-    return NULL;
+  cpp = xnrealloc(cpp, i + 2, sizeof *cpp);
   cpp[i] = new;
   cpp[i + 1] = NULL;
   return cpp;
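
Review bot: In the new line `cpp = xnrealloc(cpp, i + 2, sizeof *cpp);` only the product of the count and `sizeof *cpp` is overflow-checked; the sum `i + 2` is evaluated before xnrealloc sees it. Since `i` is the slot that receives the new string in a NULL-terminated list that already exists in memory (`cpp[i] = new; cpp[i + 1] = NULL;`), it cannot get near the wrap point, but a one-line comment saying so would save the next reader from re-deriving it. On style, the hunk header shows a space before the opening parenthesis (`enlist (char **cpp, ...)`), so `xnrealloc (cpp, ...)` would match the surrounding code.
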
@@ -3839,9 +3837,7 @@ dfamust (struct dfa *d)

   result = empty_string;
   exact = 0;
-  musts = malloc((d->tindex + 1) * sizeof *musts);
-  if (musts == NULL)
-    return;
+  musts = xnmalloc(d->tindex + 1, sizeof *musts);
   mp = musts;
   for (i = 0; i <= d->tindex; ++i)
     mp[i] = must0;
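
Review bot: With the `if (musts == NULL) return;` path removed, dfamust no longer returns to its caller when this allocation fails; as the commit message notes, xnmalloc exits instead. That is worth stating in the comment above dfamust so that nobody reading the function later assumes a quiet fallback on out-of-memory. The element count `d->tindex + 1` does agree with the loop bound `i <= d->tindex` that follows, so the size passed to xnmalloc covers every `mp[i]` written.
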
--
1.7.6.rc2.295.gb63f3


