From owner-svn-src-stable@FreeBSD.ORG Tue Feb 5 09:50:34 2013 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 30D80C1A; Tue, 5 Feb 2013 09:50:34 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 0A4BF90B; Tue, 5 Feb 2013 09:50:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id r159oX4L020635; Tue, 5 Feb 2013 09:50:33 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id r159oXOR020634; Tue, 5 Feb 2013 09:50:33 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201302050950.r159oXOR020634@svn.freebsd.org> From: Xin LI Date: Tue, 5 Feb 2013 09:50:33 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r246356 - in stable: 7/lib/libc/gen 8/lib/libc/gen 9/lib/libc/gen X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2013 09:50:34 -0000 Author: delphij Date: Tue Feb 5 09:50:33 2013 New Revision: 246356 URL: http://svnweb.freebsd.org/changeset/base/246356 Log: MFC r243758 (marcel): In globextend() when the pathv vector cannot be (re-)allocated, don't free and clear the gl_pathv pointer in the glob_t structure. Such breaks the invariant of the glob_t structure, as stated in the comment right in front of the globextend() function. If gl_pathv was non-NULL, then gl_pathc was > 0. Making gl_pathv a NULL pointer without also setting gl_pathc to 0 is wrong. Since we otherwise don't free the memory associated with a glob_t in error cases, it's unlikely that this change will cause a memory leak that wasn't already there to begin with. Callers of glob(3) must call globfree(3) irrespective of whether glob(3) returned an error or not. MFC r243759 (marcel): In globextend(), take advantage of the fact that realloc(NULL, size) is equivalent to malloc(size). This eliminates the conditional expression used for calling either realloc() or malloc() when realloc() will do all the time. Modified: stable/8/lib/libc/gen/glob.c Directory Properties: stable/8/lib/libc/ (props changed) Changes in other areas also in this revision: Modified: stable/7/lib/libc/gen/glob.c stable/9/lib/libc/gen/glob.c Directory Properties: stable/7/lib/libc/ (props changed) stable/9/lib/libc/ (props changed) Modified: stable/8/lib/libc/gen/glob.c ============================================================================== --- stable/8/lib/libc/gen/glob.c Tue Feb 5 09:40:31 2013 (r246355) +++ stable/8/lib/libc/gen/glob.c Tue Feb 5 09:50:33 2013 (r246356) @@ -710,16 +710,10 @@ globextend(const Char *path, glob_t *pgl } newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs); - pathv = pglob->gl_pathv ? - realloc((char *)pglob->gl_pathv, newsize) : - malloc(newsize); - if (pathv == NULL) { - if (pglob->gl_pathv) { - free(pglob->gl_pathv); - pglob->gl_pathv = NULL; - } + /* realloc(NULL, newsize) is equivalent to malloc(newsize). */ + pathv = realloc((void *)pglob->gl_pathv, newsize); + if (pathv == NULL) return(GLOB_NOSPACE); - } if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) { /* first time around -- clear initial gl_offs items */