[lxc-devel] [lxc/master] utils: fix lxc_string_split()
brauner on Github
lxc-bot at linuxcontainers.org
Sun Sep 25 15:21:40 UTC 2016
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 418 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160925/95831942/attachment.bin>
-------------- next part --------------
From 605ea1f73b0997e42ec5ac43e4d7a07debc54368 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at canonical.com>
Date: Sun, 25 Sep 2016 16:51:24 +0200
Subject: [PATCH] utils: fix lxc_string_split()
Make sure we don't return uninitialized memory.
Signed-off-by: Christian Brauner <christian.brauner at canonical.com>
---
src/lxc/utils.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 9a6ef4b..c72c26a 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -774,8 +774,8 @@ bool lxc_string_in_list(const char *needle, const char *haystack, char _sep)
char **lxc_string_split(const char *string, char _sep)
{
char *token, *str, *saveptr = NULL;
- char sep[2] = { _sep, '\0' };
- char **result = NULL;
+ char sep[2] = {_sep, '\0'};
+ char **tmp = NULL, **result = NULL;
size_t result_capacity = 0;
size_t result_count = 0;
int r, saved_errno;
@@ -783,7 +783,7 @@ char **lxc_string_split(const char *string, char _sep)
if (!string)
return calloc(1, sizeof(char *));
- str = alloca(strlen(string)+1);
+ str = alloca(strlen(string) + 1);
strcpy(str, string);
for (; (token = strtok_r(str, sep, &saveptr)); str = NULL) {
r = lxc_grow_array((void ***)&result, &result_capacity, result_count + 1, 16);
@@ -796,7 +796,14 @@ char **lxc_string_split(const char *string, char _sep)
}
/* if we allocated too much, reduce it */
- return realloc(result, (result_count + 1) * sizeof(char *));
+ tmp = realloc(result, (result_count + 1) * sizeof(char *));
+ if (!tmp)
+ goto error_out;
+ result = tmp;
+ /* Make sure we don't return uninitialized memory. */
+ if (result_count == 0)
+ *result = NULL;
+ return result;
error_out:
saved_errno = errno;
lxc_free_array((void **)result, free);
More information about the lxc-devel
mailing list