Hi, Stephen Gallagher wrote: > This was noticed while running a Coverity scan on the libunistring > sources.
Thanks. I had to adjust the fix. Committed as follows: 2012-03-12 Bruno Haible <[email protected]> uninorm: Don't crash in out-of-memory conditions. * lib/uninorm/u-normalize-internal.h (FUNC): Handle malloc() failure gracefully. * lib/uninorm/uninorm-filter.c (uninorm_filter_write): Likewise. Based on a report and patch by Stephen Gallagher <[email protected]>. --- lib/uninorm/u-normalize-internal.h.orig Mon Mar 12 13:01:28 2012 +++ lib/uninorm/u-normalize-internal.h Mon Mar 12 12:58:19 2012 @@ -310,6 +310,11 @@ abort (); new_sortbuf = (struct ucs4_with_ccc *) malloc (2 * sortbuf_allocated * sizeof (struct ucs4_with_ccc)); + if (new_sortbuf == NULL) + { + errno = ENOMEM; + goto fail; + } memcpy (new_sortbuf, sortbuf, sortbuf_count * sizeof (struct ucs4_with_ccc)); if (sortbuf != sortbuf_preallocated) --- lib/uninorm/uninorm-filter.c.orig Mon Mar 12 13:01:29 2012 +++ lib/uninorm/uninorm-filter.c Mon Mar 12 12:56:08 2012 @@ -241,6 +241,12 @@ new_sortbuf = (struct ucs4_with_ccc *) malloc (2 * filter->sortbuf_allocated * sizeof (struct ucs4_with_ccc)); + if (new_sortbuf == NULL) + { + /* errno is ENOMEM. */ + filter->sortbuf_count = sortbuf_count; + return -1; + } memcpy (new_sortbuf, filter->sortbuf, sortbuf_count * sizeof (struct ucs4_with_ccc)); if (filter->sortbuf != filter->sortbuf_preallocated)
