From d1dddedf7893fe70ed5d429485c8bcd0ab43f285 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Sat, 29 Dec 2001 15:57:15 +0000 Subject: Realloc error handling memory leak fix. --- elf/chroot_canon.c | 19 +++++++++++++------ elf/dl-object.c | 11 ++++++++--- 2 files changed, 21 insertions(+), 9 deletions(-) (limited to 'elf') diff --git a/elf/chroot_canon.c b/elf/chroot_canon.c index 383c72e651..6b7e444800 100644 --- a/elf/chroot_canon.c +++ b/elf/chroot_canon.c @@ -1,5 +1,5 @@ /* Return the canonical absolute name of a given file inside chroot. - Copyright (C) 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc. + Copyright (C) 1996,1997,1998,1999,2000,2001 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -42,8 +42,13 @@ char * chroot_canon (const char *chroot, const char *name) { - char *rpath, *dest, *extra_buf = NULL, *rpath_root; - const char *start, *end, *rpath_limit; + char *rpath; + char *dest; + char *extra_buf = NULL; + char *rpath_root; + const char *start; + const char *end; + const char *rpath_limit; int num_links = 0; size_t chroot_len = strlen (chroot); @@ -94,16 +99,18 @@ chroot_canon (const char *chroot, const char *name) if (dest + (end - start) >= rpath_limit) { ptrdiff_t dest_offset = dest - rpath; + char *new_rpath; new_size = rpath_limit - rpath; if (end - start + 1 > PATH_MAX) new_size += end - start + 1; else new_size += PATH_MAX; - rpath = realloc (rpath, new_size); - rpath_limit = rpath + new_size; - if (rpath == NULL) + new_rpath = (char *) realloc (rpath, new_size); + if (new_rpath == NULL) return NULL; + rpath = new_rpath; + rpath_limit = rpath + new_size; dest = rpath + dest_offset; } diff --git a/elf/dl-object.c b/elf/dl-object.c index ed78b47127..eee9deb3d2 100644 --- a/elf/dl-object.c +++ b/elf/dl-object.c 
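Review bot: The `return NULL` taken when `realloc` fails in the `@@ -94,16 +99,18 @@` hunk of elf/chroot_canon.c still leaves the original `rpath` block allocated. A failed `realloc` does not free its argument, and `rpath` is a local of `chroot_canon`, so no caller can release it. The `new_rpath` temporary fixes the pointer arithmetic on a null `rpath`, but the out-of-memory path still leaks; I would write `if (new_rpath == NULL) { free (rpath); return NULL; }`. If the function already has a shared cleanup label, jumping there would be better, but the rest of the body is outside this hunk, so that is unverified.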
@@ -121,11 +121,16 @@ _dl_new_object (char *realname, const char *libname, int type, origin = NULL; do { + char *new_origin; + len += 128; - origin = (char *) realloc (origin, len); + new_origin = (char *) realloc (origin, len); + if (new_origin == NULL) + /* We exit the loop. Note that result == NULL. */ + break; + origin = new_origin; } - while (origin != NULL - && (result = __getcwd (origin, len - realname_len)) == NULL + while ((result = __getcwd (origin, len - realname_len)) == NULL && errno == ERANGE); if (result == NULL) -- cgit 1.4.1
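Review bot: The new comment `/* We exit the loop. Note that result == NULL. */` in `_dl_new_object` states an invariant that the hunk itself does not establish. If `realloc` fails on the first pass, `result` has not been assigned inside the loop, so it is NULL only if it was initialised before the `do`, which is outside the hunk. Making the invariant local removes that dependency: `if (new_origin == NULL) { result = NULL; break; }`. On `break`, `origin` still holds the block from the previous iteration (or NULL), so the `if (result == NULL)` branch that begins on the hunk's last line has to `free (origin)`; its body is not visible here.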