[pacman-dev] [PATCH] add_fileconflict, don't free if CALLOC fail
If CALLOC fails, conflict is NULL, so we shouldn't attempt to free it's members, since that would lead to a NULL pointer dereference. Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> --- Is there a reason none of the alpm_*_free() functions check if the input is NULL? That would be more robust, and what I think would be expected, since free() accepts NULL as input. lib/libalpm/conflict.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/libalpm/conflict.c b/lib/libalpm/conflict.c index 0af3e3a..823fb67 100644 --- a/lib/libalpm/conflict.c +++ b/lib/libalpm/conflict.c @@ -273,7 +273,8 @@ static alpm_list_t *add_fileconflict(alpm_handle_t *handle, alpm_pkg_t *pkg1, alpm_pkg_t *pkg2) { alpm_fileconflict_t *conflict; - CALLOC(conflict, 1, sizeof(alpm_fileconflict_t), goto error); + CALLOC(conflict, 1, sizeof(alpm_fileconflict_t), + RET_ERR(handle, ALPM_ERR_MEMORY, conflicts)); STRDUP(conflict->target, pkg1->name, goto error); STRDUP(conflict->file, filestr, goto error); -- 2.6.2
2015-10-24 21:51 GMT+02:00 Rikard Falkeborn <rikard.falkeborn@gmail.com>:
If CALLOC fails, conflict is NULL, so we shouldn't attempt to free it's members, since that would lead to a NULL pointer dereference.
Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> --- Is there a reason none of the alpm_*_free() functions check if the input is NULL? That would be more robust, and what I think would be expected, since free() accepts NULL as input.
I sent at patch to check for NULL in alpm_fileconflict_free and a few more functions. If that's applied, this patch doesn't really add any value.
participants (1)
-
Rikard Falkeborn