Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 20 Jun 2014 13:57:19 -0500
From:      Pedro Giffuni <pfg@FreeBSD.org>
To:        Stefan Farfeleder <stefanf@FreeBSD.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r267675 - head/lib/libc/regex
Message-ID:  <53A4840F.8030903@FreeBSD.org>
In-Reply-To: <20140620182311.GA1214@mole.fafoe.narf.at>
References:  <201406201529.s5KFTAEB068038@svn.freebsd.org> <20140620182311.GA1214@mole.fafoe.narf.at>
next in thread | previous in thread | raw e-mail | index | archive | help 
El 6/20/2014 1:23 PM, Stefan Farfeleder escribió:
> On Fri, Jun 20, 2014 at 03:29:10PM +0000, Pedro F. Giffuni wrote:
>> Author: pfg
>> Date: Fri Jun 20 15:29:09 2014
>> New Revision: 267675
>> URL: http://svnweb.freebsd.org/changeset/base/267675
>>
>> Log:
>>    regex: Make use of reallocf().
>>
>>    Use of reallocf is useful in libraries as we are not certain the
>>    application will exit after NULL.
>>
>>    This somewhat reduces portability but if since you are building
>>    this as part of libc it is likely you have our non-standard
>>    reallocf(3) already.
>>
>>    Reviewed by:	ache
>>    MFC after:	5 days
>>
>> Modified:
>>    head/lib/libc/regex/regcomp.c
>>
>> Modified: head/lib/libc/regex/regcomp.c
>> ==============================================================================
>> --- head/lib/libc/regex/regcomp.c	Fri Jun 20 13:26:49 2014	(r267674)
>> +++ head/lib/libc/regex/regcomp.c	Fri Jun 20 15:29:09 2014	(r267675)
>> @@ -1111,7 +1111,7 @@ allocset(struct parse *p)
>>   {
>>   	cset *cs, *ncs;
>>
>> -	ncs = realloc(p->g->sets, (p->g->ncsets + 1) * sizeof(*ncs));
>> +	ncs = reallocf(p->g->sets, (p->g->ncsets + 1) * sizeof(*ncs));
>>   	if (ncs == NULL) {
>>   		SETERROR(REG_ESPACE);
>>   		return (NULL);
>> @@ -1174,7 +1174,7 @@ CHadd(struct parse *p, cset *cs, wint_t
>>   	if (ch < NC)
>>   		cs->bmp[ch >> 3] |= 1 << (ch & 7);
>>   	else {
>> -		newwides = realloc(cs->wides, (cs->nwides + 1) *
>> +		newwides = reallocf(cs->wides, (cs->nwides + 1) *
>>   		    sizeof(*cs->wides));
>>   		if (newwides == NULL) {
>>   			SETERROR(REG_ESPACE);
>
> Hi Pedro,
>
> I don't think these changes are OK. If reallocf() fails here, the
> cs->wides pointer will be freed and later freeset() will call
> free(cs->wides), probably crashing. The other cases are most probably
> similar though I haven't examined them closely.
>

Ugh .. I think you are right. Let me check and I will revert as necessary.

Pedro.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53A4840F.8030903>