Hi,
On Mon, May 7, 2018 at 12:12 AM, Dominique Pellé
<[email protected]> wrote:
> @dpelle commented on this pull request.
>
> ________________________________
>
> In src/quickfix.c:
>
>> + if (regmatch->startp[i] == NULL)
> + return QF_FAIL;
> + fields->col = (int)atol((char *)regmatch->startp[i]);
> + }
> + if ((i = (int)fmt_ptr->addr[4]) > 0) /* %t */
> + {
> + if (regmatch->startp[i] == NULL)
> + return QF_FAIL;
> + fields->type = *regmatch->startp[i];
> + }
> + if (fmt_ptr->flags == '+' && !qf_multiscan) /* %+ */
> + {
> + if (linelen >= fields->errmsglen)
> + {
> + /* linelen + null terminator */
> + if ((fields->errmsg = vim_realloc(fields->errmsg,
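Review bot: In the fields->col assignment, (int)atol(...) narrows the
long result to int with no range check, so a column number too large
for int in the parsed line is not detected. Consider strtol() with an
explicit range check, returning QF_FAIL when the value does not fit.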
>
> This way of calling realloc leaks memory if realloc(…) fails i.e. if it
> returns NULL.
> See https://www.viva64.com/en/w/v701/ for more details.
>
Thanks for pointing this out. I have pushed out a new commit that
fixes this issue. I have also fixed other places in quickfix.c where
vim_realloc() is used.
Thanks,
Yegappan
>
> ________________________________
>
> In src/quickfix.c:
>
>> + if ((fields->errmsg = vim_realloc(fields->errmsg,
> + linelen + 1)) == NULL)
> + return QF_NOMEM;
> + fields->errmsglen = linelen + 1;
> + }
> + vim_strncpy(fields->errmsg, linebuf, linelen);
> + }
> + else if ((i = (int)fmt_ptr->addr[5]) > 0) /* %m */
> + {
> + if (regmatch->startp[i] == NULL || regmatch->endp[i] == NULL)
> + return QF_FAIL;
> + len = (int)(regmatch->endp[i] - regmatch->startp[i]);
> + if (len >= fields->errmsglen)
> + {
> + /* len + null terminator */
> + if ((fields->errmsg = vim_realloc(fields->errmsg, len + 1))
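Review bot: On the failure path of both vim_realloc() calls in this
hunk (%+ and %m), fields->errmsg is overwritten with NULL while
fields->errmsglen keeps its old value, so the struct is left
inconsistent in addition to losing the old buffer. If these fields are
used again with a shorter line, the size check passes and
vim_strncpy() is handed a NULL destination. Assign the result to a
temporary pointer and update fields->errmsg and fields->errmsglen
together only on success.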
>
> Same remark: leak if vim_realloc(…) returns NULL.
>
> ________________________________
>
> In src/quickfix.c:
>
>> +}
> +
> +/*
> + * Parse a non-error line (a line which doesn't match any of the error
> + * format in 'efm').
> + */
> + static int
> +qf_parse_line_nomatch(char_u *linebuf, int linelen, qffields_T *fields)
> +{
> + fields->namebuf[0] = NUL; /* no match found, remove file name */
> + fields->lnum = 0; /* don't jump to this line */
> + fields->valid = FALSE;
> + if (linelen >= fields->errmsglen)
> + {
> + /* linelen + null terminator */
> + if ((fields->errmsg = vim_realloc(fields->errmsg,
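Review bot: The grow-and-check block in qf_parse_line_nomatch() repeats
the "linelen >= fields->errmsglen" test and the
vim_realloc(fields->errmsg, ...) assignment already present in the %+
and %m branches. A single helper that grows fields->errmsg through a
temporary pointer would let the NULL-return handling be fixed in one
place instead of three.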
>
> Leak if vim_realloc(…) fails.
>
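The leak raised in the review comments above, shown next to a corrected form. This is an added example, not part of the original thread or of Vim's code: msgbuf_T, set_msg_leaky, set_msg_safe, xrealloc_hook and fail_next_alloc are hypothetical names, and the hook simulates an allocation failure so the failure path can be exercised.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the errmsg/errmsglen pair in qffields_T. */
typedef struct { char *errmsg; size_t errmsglen; } msgbuf_T;
int fail_next_alloc = 0;    /* test hook: simulate one out-of-memory event */

static void *xrealloc_hook(void *p, size_t n) {
    if (fail_next_alloc) { fail_next_alloc = 0; return NULL; } /* old block untouched */
    return realloc(p, n);
}

/* Pattern from the review: the result overwrites the only pointer to the old block. */
int set_msg_leaky(msgbuf_T *b, const char *line, size_t len) {
    if (len >= b->errmsglen) {
        if ((b->errmsg = xrealloc_hook(b->errmsg, len + 1)) == NULL)
            return -1;          /* old block leaked; errmsglen is now stale */
        b->errmsglen = len + 1;
    }
    memcpy(b->errmsg, line, len);
    b->errmsg[len] = '\0';
    return 0;
}

/* Corrected form: pointer and length are committed together, only on success. */
int set_msg_safe(msgbuf_T *b, const char *line, size_t len) {
    if (len >= b->errmsglen) {
        char *p = xrealloc_hook(b->errmsg, len + 1);
        if (p == NULL)
            return -1;          /* b still owns the old, valid buffer */
        b->errmsg = p;
        b->errmsglen = len + 1;
    }
    memcpy(b->errmsg, line, len);
    b->errmsg[len] = '\0';
    return 0;
}

int main(void) {
    msgbuf_T b = { NULL, 0 };
    if (set_msg_safe(&b, "short", 5) != 0) return 1;
    fail_next_alloc = 1;        /* make the next grow attempt fail */
    int rc = set_msg_safe(&b, "a much longer line", 18);
    printf("rc=%d errmsg=%s errmsglen=%zu\n", rc, b.errmsg, b.errmsglen);
    free(b.errmsg);
    return 0;
}
```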
You received this message from the "vim_dev" maillist.