Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 20 Jun 2014 14:37:06 -0500
From:      Pedro Giffuni <pfg@FreeBSD.org>
To:        Stefan Farfeleder <stefanf@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r267675 - head/lib/libc/regex
Message-ID:  <53A48D62.4060801@FreeBSD.org>
In-Reply-To: <20140620182311.GA1214@mole.fafoe.narf.at>
References:  <201406201529.s5KFTAEB068038@svn.freebsd.org> <20140620182311.GA1214@mole.fafoe.narf.at>

next in thread | previous in thread | raw e-mail | index | archive | help
El 6/20/2014 1:23 PM, Stefan Farfeleder escribió:
> On Fri, Jun 20, 2014 at 03:29:10PM +0000, Pedro F. Giffuni wrote:
>> Author: pfg
>> Date: Fri Jun 20 15:29:09 2014
>> New Revision: 267675
>> URL: http://svnweb.freebsd.org/changeset/base/267675
>>
>> Log:
>>    regex: Make use of reallocf().
>>
>>    Use of reallocf is useful in libraries as we are not certain the
>>    application will exit after NULL.
>>
>>    This somewhat reduces portability but if since you are building
>>    this as part of libc it is likely you have our non-standard
>>    reallocf(3) already.
>>
>>    Reviewed by:	ache
>>    MFC after:	5 days
>>
>> Modified:
>>    head/lib/libc/regex/regcomp.c
>>
>> Modified: head/lib/libc/regex/regcomp.c
>> ==============================================================================
>> --- head/lib/libc/regex/regcomp.c	Fri Jun 20 13:26:49 2014	(r267674)
>> +++ head/lib/libc/regex/regcomp.c	Fri Jun 20 15:29:09 2014	(r267675)
>> @@ -1111,7 +1111,7 @@ allocset(struct parse *p)
>>   {
>>   	cset *cs, *ncs;
>>
>> -	ncs = realloc(p->g->sets, (p->g->ncsets + 1) * sizeof(*ncs));
>> +	ncs = reallocf(p->g->sets, (p->g->ncsets + 1) * sizeof(*ncs));
>>   	if (ncs == NULL) {
>>   		SETERROR(REG_ESPACE);
>>   		return (NULL);
>> @@ -1174,7 +1174,7 @@ CHadd(struct parse *p, cset *cs, wint_t
>>   	if (ch < NC)
>>   		cs->bmp[ch >> 3] |= 1 << (ch & 7);
>>   	else {
>> -		newwides = realloc(cs->wides, (cs->nwides + 1) *
>> +		newwides = reallocf(cs->wides, (cs->nwides + 1) *
>>   		    sizeof(*cs->wides));
>>   		if (newwides == NULL) {
>>   			SETERROR(REG_ESPACE);
>
> Hi Pedro,
>
> I don't think these changes are OK. If reallocf() fails here, the
> cs->wides pointer will be freed and later freeset() will call
> free(cs->wides), probably crashing. The other cases are most probably
> similar though I haven't examined them closely.
>

OK ...

I don't think there is any problem:

If reallocf fails, newwides will be set to NULL and if free() is called 
it doesn't do anything when the argument is NULL.

Also freeset() is meant to be called to "free a now-unused set" and it 
is not called within the library. I would think using a value when the 
allocation has failed is a much more serious issue than attempting to 
fail to free it after trying to use it. ;-).

Pedro.




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53A48D62.4060801>