Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

brk_shot_reuse doesn't check the return from realloc() #23

Open
marcmutz opened this issue Jan 26, 2023 · 0 comments · May be fixed by #24
Open

brk_shot_reuse doesn't check the return from realloc() #23

marcmutz opened this issue Jan 26, 2023 · 0 comments · May be fixed by #24

Comments

@marcmutz
Copy link

The code in brk_shot_reuse() doesn't check the return value and directly assigns it to the pointer variable being extended. This is bad for two reasons:

  • the old value of the pointer gets overwritten, making it impossible to free the memory again (= memleak)
  • the following code will just crash

Since the rest of the code handles malloc() failures, I assume this is an oversight.
marcmutz added a commit to marcmutz/libthai that referenced this issue Jan 26, 2023
@marcmutz
brk_pool_node_new: realloc() in brk_shot_reuse() can fail
19d590c 
Handle failure of realloc() in brk_shot_reuse(), which requires adding
a return value to brk_shot_reuse() and handling it in
brk_pool_new_node().

If brk_shot_reuse() fails, try allocating a new node. Yes, if
realloc() failed, a following malloc() will likely fail, too, but this
way the error at least propagates up the call chain.

To keep the logic clean, factor the old if (env->free_list) code into
a separate function brk_pool_node_new_from_free_list().

Fixes tlwg#23.
@marcmutz marcmutz linked a pull request Jan 26, 2023 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

brk_pool_node_new: realloc() in brk_shot_reuse() can fail marcmutz/libthai
1 participant
@marcmutz