author | Mike Frysinger <vapier@gentoo.org> | 2015-12-19 13:04:40 -0500 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2015-12-19 13:04:40 -0500 |
commit | f02e644a90dde960b47f9bc87125fe37dece7ee9 (patch) | |
tree | 01322dd3643857682ea5a9c1432619543d1b37d4 | |
parent | libsandbox: fix old_malloc_size check on realloc (diff) | |
libsandbox: tweak edge cases of realloc a bit

We need to return NULL when passed a size of 0 as the API requires the
return value be usable w/free, but we just freed the pointer so the ret
will cause memory corruption later on.

When we go to preserve the old content, we don't need the MIN check as
we already verified that a few lines up. But leave it for defensive
purposes as gcc already optimizes it out for us. Just comment things.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>

-rw-r--r-- | libsandbox/memory.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/libsandbox/memory.c b/libsandbox/memory.c index a2d69a2..a8f4d4b 100644 --- a/libsandbox/memory.c +++ b/libsandbox/memory.c @@ -81,7 +81,7 @@ void *realloc(void *ptr, size_t size) return malloc(size); if (size == 0) { free(ptr); - return ptr; + return NULL; } old_malloc_size = SB_MALLOC_TO_SIZE(ptr); @@ -91,6 +91,10 @@ void *realloc(void *ptr, size_t size) ret = malloc(size); if (!ret) return ret; + /* We already verified old_malloc_size is smaller than size above, so + * we don't really need the MIN() here. We leave it to be defensive, + * and because gcc optimizes away the check for us. + */ memcpy(ret, ptr, MIN(size, old_malloc_size)); free(ptr); return ret; |
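
Review bot: in the first hunk (`@@ -81,7 +81,7 @@`), the new `return NULL;` inside the `if (size == 0)` branch carries no comment, and the reason for it is recorded only in the commit message. A one-line comment at that return, saying that ptr was just passed to free() and must not be handed back to the caller, would keep a later cleanup from restoring `return ptr;`, which leaves the caller holding a freed pointer that it can free or dereference again.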
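
Review bot: in the second hunk (`@@ -91,6 +91,10 @@`), the added comment depends on a check "above" that lies outside the hunk and describes it only as old_malloc_size being "smaller than" size, without quoting the condition. Because the comment argues that the MIN() in `memcpy(ret, ptr, MIN(size, old_malloc_size));` is redundant, it should state the exact comparison it relies on, so that a later change to that earlier check does not silently make the comment wrong. Keeping MIN() is the right call, since ret comes from `malloc(size)` and the bound keeps the copy within that allocation whatever the earlier check does.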