YMMC yet more missing checks
andreas moroder
claudiamoroder at st-ulrich.suedtirol.net
Tue Aug 7 20:24:21 GMT 2001
Hello,
while checking the next subdir for memory leaks I have found a basic problem
with the usage or Realloc. If I call Realloc with a valid pointer and a size
>0 then it uses the standard realloc ( seems to be redundant ).
If you read the man of realloc you will find this
"If realloc fails the original block is left untouched - it is not freed or
moved."
but in most places Realloc is used this way
ptr=Realloc(ptr,size)
now if realloc fails, Realloc gives back NULL, ptr becomes NULL and the
original memory pointed by ptr is lost.
Tell me if I am wrong.
And now to the YMMC
client/client.c
static void do_put(char *rname,char *lname)
....
buf = (char *)malloc(maxwrite); <<<< IS newer checked
while (!feof(f)) {
int n = maxwrite;
int ret;
if ((n = readfile(buf,1,n,f)) < 1) {
client/smbumount.c
static char *
canonicalize (char *path)
{
char *canonical = malloc (PATH_MAX + 1);
if (strlen(path) > PATH_MAX) {
fprintf(stderr, "Mount point string too long\n");
return NULL;
}
if (path == NULL)
return NULL;
if (realpath (path, canonical)) <<<< used and never checked
return canonical;
in this function even the order is strange, why malloc before the other test.
It should be
static char *
canonicalize (char *path)
{
char *canonical;
if (strlen(path) > PATH_MAX) {
fprintf(stderr, "Mount point string too long\n");
return NULL;
}
if (path == NULL)
return NULL;
canonical= malloc (PATH_MAX + 1);
if (canonical==NULL) {
fprintf(stderr, "Out of memory\n");
return NULL;
}
if (realpath (path, canonical))
return canonical;
pstrcpy (canonical, path);
return canonical;
}
Bye
Andreas
More information about the samba-technical
mailing list