From 724fd07a67f135c74eba57e9f25fd342201ec722 Mon Sep 17 00:00:00 2001
From: Peter Stephenson <pws@users.sourceforge.net>
Date: Sat, 3 Dec 2011 17:24:45 +0000
Subject: 29934: Stef van Vlierberghe: uninitialised memory after lexer realloc

---
 Src/lex.c | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

(limited to 'Src')

diff --git a/Src/lex.c b/Src/lex.c
index 90c4effd9..05f54f842 100644
--- a/Src/lex.c
+++ b/Src/lex.c
@@ -567,22 +567,14 @@ add(int c)
 {
     *bptr++ = c;
     if (bsiz == ++len) {
-#if 0
-	int newbsiz;
-
-	newbsiz = bsiz * 8;
-	while (newbsiz < inbufct)
-	    newbsiz *= 2;
-	bptr = len + (tokstr = (char *)hrealloc(tokstr, bsiz, newbsiz));
-	bsiz = newbsiz;
-#endif
-
 	int newbsiz = bsiz * 2;
 
 	if (newbsiz > inbufct && inbufct > bsiz)
 	    newbsiz = inbufct;
 
 	bptr = len + (tokstr = (char *)hrealloc(tokstr, bsiz, newbsiz));
+	/* len == bsiz, so bptr is at the start of newly allocated memory */
+	memset(bptr, 0, newbsiz - bsiz);
 	bsiz = newbsiz;
     }
 }
-- 
cgit 1.4.1