29934: Stef van Vlierberghe: uninitialised memory after lexer realloc

author: Peter Stephenson <pws@users.sourceforge.net> 2011-12-03 17:24:45 +0000
committer: Peter Stephenson <pws@users.sourceforge.net> 2011-12-03 17:24:45 +0000
commit: 724fd07a67f135c74eba57e9f25fd342201ec722 (patch)
tree: e00992da5a53633b9089a7143441652bb4f18530 /Src/lex.c
parent: 82bc048da969e03550f5ddc2093d0b8ad9eda8a4 (diff)
download: zsh-724fd07a67f135c74eba57e9f25fd342201ec722.tar.gz
zsh-724fd07a67f135c74eba57e9f25fd342201ec722.tar.xz
zsh-724fd07a67f135c74eba57e9f25fd342201ec722.zip
1 files changed, 2 insertions, 10 deletions
diff --git a/Src/lex.c b/Src/lex.c
index 90c4effd9..05f54f842 100644
--- a/Src/lex.c
+++ b/Src/lex.c
@@ -567,22 +567,14 @@ add(int c)
 {
     *bptr++ = c;
     if (bsiz == ++len) {
-#if 0
-	int newbsiz;
-
-	newbsiz = bsiz * 8;
-	while (newbsiz < inbufct)
-	    newbsiz *= 2;
-	bptr = len + (tokstr = (char *)hrealloc(tokstr, bsiz, newbsiz));
-	bsiz = newbsiz;
-#endif
-
 	int newbsiz = bsiz * 2;
 
 	if (newbsiz > inbufct && inbufct > bsiz)
 	    newbsiz = inbufct;
 
 	bptr = len + (tokstr = (char *)hrealloc(tokstr, bsiz, newbsiz));
+	/* len == bsiz, so bptr is at the start of newly allocated memory */
+	memset(bptr, 0, newbsiz - bsiz);
 	bsiz = newbsiz;
     }
 }
author	Peter Stephenson <pws@users.sourceforge.net>	2011-12-03 17:24:45 +0000
committer	Peter Stephenson <pws@users.sourceforge.net>	2011-12-03 17:24:45 +0000
commit	724fd07a67f135c74eba57e9f25fd342201ec722 (patch)
tree	e00992da5a53633b9089a7143441652bb4f18530 /Src/lex.c
parent	82bc048da969e03550f5ddc2093d0b8ad9eda8a4 (diff)
download	zsh-724fd07a67f135c74eba57e9f25fd342201ec722.tar.gz zsh-724fd07a67f135c74eba57e9f25fd342201ec722.tar.xz zsh-724fd07a67f135c74eba57e9f25fd342201ec722.zip