
Re: Bug#807743: RFS: filters/2.55-1 [ITA] - collection of filters, including B1FF and the Swedish Chef



* Andrew J. Buehler <wanderer@fastmail.fm>, 2015-12-12, 19:11:
> [scramble.c:180]: (error) Common realloc mistake: 'word' nulled but not freed upon failure
> [...]
> I'm not completely sure I see the problem with this one;

cppcheck warns against code like this:

p = realloc(p, s);

If realloc() fails, the original memory block is left untouched, and the return value is NULL. That means you can't free said memory block, because you just overwrote the pointer to it...

You should use something like this instead:

new_p = realloc(p, s);
if (new_p)
	p = new_p;
else {
	free(p);
	/* ... more error handling here */
}


Now, the actual code in scramble.c looks like this:

     word = realloc(word, word_length+2);
     word[word_length] = c;

So most likely there won't be any memory leak, just a crash. :>

> Could someone explain what the mistake is (perhaps offlist, since it isn't really on-topic)?

Nah, it's not off-topic. :)

--
Jakub Wilk
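
The temporary-pointer pattern from the message above, applied to a word buffer that grows one character at a time, as an added example that is not part of the original message or of the filters source. The names `append_char`, `xrealloc_maybe_fail` and `fail_next_realloc` are hypothetical; the failure-injection wrapper exists only so the error path can be exercised.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical failure injection: when set, the next call acts like a
   failed realloc() (returns NULL, leaves the old block untouched). */
static int fail_next_realloc = 0;

static void *xrealloc_maybe_fail(void *p, size_t n)
{
    if (fail_next_realloc) {
        fail_next_realloc = 0;
        return NULL;
    }
    return realloc(p, n);
}

/* Append c to the NUL-terminated buffer *word of length *len.
   Returns 0 on success; on failure returns -1 and leaves *word and
   *len unchanged, so the caller still owns (and can free) the buffer. */
static int append_char(char **word, size_t *len, char c)
{
    char *grown = xrealloc_maybe_fail(*word, *len + 2);
    if (grown == NULL)
        return -1;              /* *word is still valid here */
    grown[*len] = c;            /* only written after the NULL check */
    grown[*len + 1] = '\0';
    *word = grown;
    *len += 1;
    return 0;
}

/* Constructed demo: build "hi", then hit a simulated failure.
   Returns 1 if the buffer survived the failure intact. */
static int demo(void)
{
    char *word = NULL;
    size_t len = 0;
    int ok;
    if (append_char(&word, &len, 'h') || append_char(&word, &len, 'i'))
        { free(word); return 0; }
    fail_next_realloc = 1;
    ok = append_char(&word, &len, '!') == -1
         && len == 2 && strcmp(word, "hi") == 0;
    free(word);                 /* no leak: pointer was never overwritten */
    return ok;
}

int main(void) { printf("%s\n", demo() ? "ok" : "FAILED"); return 0; }
```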

