YMMC yet more malloc checks

Simo Sorce idra at samba.org
Wed Aug 8 16:56:52 GMT 2001 

On Tue, Aug 07, 2001 at 10:38:48PM +0200, Andreas Moroder wrote:
> Hello,
> 
> while checking the next subdir for memory leaks I have found a basic problem
> with the usage or Realloc. If I call Realloc with a valid pointer and a size
> >0 then it uses the standard realloc ( seems to be redundant ).
> 
> If you read the man of realloc you will find this
> 
> "If realloc fails the original block is left untouched - it is not freed or
> moved."
> 
> but in most places Realloc is used this way
> 
> ptr=Realloc(ptr,size)
> 
> now if realloc fails, Realloc gives back NULL, ptr becomes NULL and the
> original memory pointed by ptr is lost.
> 
> Tell me if I am wrong.

you are right, I'm checking this bugs just now.


> 
> And now to the YMMC
> 
> client/client.c
> 
> static void do_put(char *rname,char *lname)
> ....
>  buf = (char *)malloc(maxwrite);                        <<<< IS newer
> checked
>  while (!feof(f)) {
>   int n = maxwrite;
>   int ret;
> 
>   if ((n = readfile(buf,1,n,f)) < 1) {
> 
> 
> client/smbumount.c
> 
> static char *
> canonicalize (char *path)
> {
>  char *canonical = malloc (PATH_MAX + 1);
> 
>  if (strlen(path) > PATH_MAX) {
>   fprintf(stderr, "Mount point string too long\n");
>   return NULL;
>  }
> 
>  if (path == NULL)
>   return NULL;
> 
>  if (realpath (path, canonical)) <<<< used and never checked
>   return canonical;
> 
> in this function even the order is strange, why malloc before the other
> test.
> It should be
> 
> static char *
> canonicalize (char *path)
> {
>  char *canonical;
> 
>  if (strlen(path) > PATH_MAX) {
>   fprintf(stderr, "Mount point string too long\n");
>   return NULL;
>  }
> 
>  if (path == NULL)
>   return NULL;
> 
>  canonical= malloc (PATH_MAX + 1);
>  if (canonical==NULL) {
>   fprintf(stderr, "Out of memory\n");
>                             return NULL;
>  }
> 
>  if (realpath (path, canonical))
>   return canonical;
> 
>  pstrcpy (canonical, path);
>  return canonical;
> }
> 

thank you I've fixed both in HEAD.

-- 
Simo Sorce       idra at samba.org
-------------------------------
Samba Team http://www.samba.org

More information about the samba-technical mailing list