d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

In globextend() when the pathv vector cannot be (re-)allocated, don't

Browse Source 
free and clear the gl_pathv pointer in the glob_t structure. Such
breaks the invariant of the glob_t structure, as stated in the comment
right in front of the globextend() function. If gl_pathv was non-NULL,
then gl_pathc was > 0. Making gl_pathv a NULL pointer without also
setting gl_pathc to 0 is wrong.

Since we otherwise don't free the memory associated with a glob_t in
error cases, it's unlikely that this change will cause a memory leak
that wasn't already there to begin with. Callers of glob(3) must
call globfree(3) irrespective of whether glob(3) returned an error
or not.
This commit is contained in:
marcel 2012-12-01 17:44:06 +00:00
parent 242dabb510
commit 5192abbac6
1 changed files with 1 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/libc/gen/glob.c
View File

@ -718,13 +718,8 @@ globextend(const Char *path, glob_t *pglob, size_t *limit)
pathv = pglob->gl_pathv ? pathv = pglob->gl_pathv ?
realloc((char *)pglob->gl_pathv, newsize) : realloc((char *)pglob->gl_pathv, newsize) :
malloc(newsize); malloc(newsize);
if (pathv == NULL) { if (pathv == NULL)
if (pglob->gl_pathv) {
free(pglob->gl_pathv);
pglob->gl_pathv = NULL;
}
return (GLOB_NOSPACE); return (GLOB_NOSPACE);
}
if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) { if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) {
/* first time around -- clear initial gl_offs items */ /* first time around -- clear initial gl_offs items */