[lxc-devel] [PATCH lxcfs 3/5] fix leak in realloc loop in must_strcat_pid

[Wolfgang Bumiller]

If the first realloc() call fails then 'd' becomes NULL,
subsequent realloc() retries will behave like malloc() and
the the original src pointer is never freed. Further more
the newly allocated data then contains uninitialized data
where the previous pids had been stored.
Avoid this by passing the the original pointer from '*src'
to realloc().

Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
 lxcfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lxcfs.c b/lxcfs.c
index 8605000..d738e79 100644
--- a/lxcfs.c
+++ b/lxcfs.c
@@ -87,7 +87,7 @@ static void must_strcat_pid(char **src, size_t *sz, size_t *asz, pid_t pid)
 		*asz = BUF_RESERVE_SIZE;
 	} else if (tmplen + *sz + 1 >= *asz) {
 		do {
-			d = realloc(d, *asz + BUF_RESERVE_SIZE);
+			d = realloc(*src, *asz + BUF_RESERVE_SIZE);
 		} while (!d);
 		*src = d;
 		*asz += BUF_RESERVE_SIZE;
-- 
2.1.4