From: Lidong Yan <502024330056@xxxxxxxxxxxxxxxx>
REFTABLE_REALLOC_ARRAY doesn't free origin pointer when reftable_realloc
failed. This leak can be fixed by add a free(x) before set x to NULL.
Signed-off-by: Lidong Yan <502024330056@xxxxxxxxxxxxxxxx>
---
REFTABLE_REALLOC_ARRAY: fix potential memory leak if realloc failed
REFTABLE_REALLOC_ARRAY doesn't free origin pointer when reftable_realloc
failed. This leak can be fixed by add a free(x) before set x to NULL.
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1955%2Fbrandb97%2Ffix-REFTABLE-REALLOC-leak-v1
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1955/brandb97/fix-REFTABLE-REALLOC-leak-v1
Pull-Request: https://github.com/git/git/pull/1955
reftable/basics.h | 28 ++++++++++++++++++++--------
1 file changed, 20 insertions(+), 8 deletions(-)
diff --git a/reftable/basics.h b/reftable/basics.h
index d8888c12629..c7651f0cda8 100644
--- a/reftable/basics.h
+++ b/reftable/basics.h
@@ -200,14 +200,26 @@ static inline int reftable_alloc_size(size_t nelem, size_t elsize, size_t *out)
} \
} while (0)
#define REFTABLE_CALLOC_ARRAY(x, alloc) (x) = reftable_calloc((alloc), sizeof(*(x)))
-#define REFTABLE_REALLOC_ARRAY(x, alloc) do { \
- size_t alloc_size; \
- if (reftable_alloc_size(sizeof(*(x)), (alloc), &alloc_size) < 0) { \
- errno = ENOMEM; \
- (x) = NULL; \
- } else { \
- (x) = reftable_realloc((x), alloc_size); \
- } \
+#define REFTABLE_REALLOC_ARRAY(x, alloc) \
+ do { \
+ size_t alloc_size; \
+ void *new_p; \
+ if (reftable_alloc_size(sizeof(*(x)), (alloc), &alloc_size) < \
+ 0) { \
+ goto cleanup; \
+ } else { \
+ new_p = reftable_realloc((x), alloc_size); \
+ if (!new_p) { \
+ goto cleanup; \
+ } \
+ (x) = new_p; \
+ } \
+ break; \
+ cleanup: \
+ if (x) \
+ free(x); \
+ errno = ENOMEM; \
+ (x) = NULL; \
} while (0)
static inline void *reftable_alloc_grow(void *p, size_t nelem, size_t elsize,
base-commit: 6f84262c44a89851c3ae5a6e4c1a9d06b2068d75
--
gitgitgadget
