On 18.09.2009 15:33, Uwe Hermann wrote: > On Wed, Sep 16, 2009 at 02:48:18PM +0200, Carl-Daniel Hailfinger wrote: > >> The pattern of >> foo = realloc(foo, size); >> causes a memory leak if realloc fails because realloc does not free foo >> in case of failure, but foo will be NULL after a failure, so there is no >> way to access or free the original foo. >> >> Fix unchecked [mc]alloc return values as well. >> >> Signed-off-by: Carl-Daniel Hailfinger <[email protected]> >> > > Looks good and is build-tested by me. But please see below. > > Acked-by: Uwe Hermann <[email protected]> >
Thanks, I'll resend with fixes. >> + char *newdest = realloc(dest, strlen(dest) + strlen(src) + 1); >> strcat(dest, src); >> > This looks strange, newdest is the new string but we still use dest in > the strcat below? Is that correct? > Oops. This is a real bug. Also present in other places. Will fix. Regards, Carl-Daniel -- http://www.hailfinger.org/ _______________________________________________ flashrom mailing list [email protected] http://www.flashrom.org/mailman/listinfo/flashrom
