mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-21 12:30:06 +00:00
nis: Fix leak on realloc failure in nis_getnames [BZ #28150]
If pos >= count but realloc fails, tmp will not have been placed in getnames[pos] yet, and so will not be freed in free_null. Detected by Coverity. Also remove misleading comment from nis_getnames(), since it actually did properly release getnames when out of memory. Tested-by: Carlos O'Donell <carlos@redhat.com>
This commit is contained in:
parent
db737c79c6
commit
6069826312
@ -103,9 +103,6 @@ count_dots (const_nis_name str)
|
||||
return count;
|
||||
}
|
||||
|
||||
/* If we run out of memory, we don't give already allocated memory
|
||||
free. The overhead for bringing getnames back in a safe state to
|
||||
free it is to big. */
|
||||
nis_name *
|
||||
nis_getnames (const_nis_name name)
|
||||
{
|
||||
@ -271,7 +268,10 @@ nis_getnames (const_nis_name name)
|
||||
nis_name *newp = realloc (getnames,
|
||||
(count + 1) * sizeof (char *));
|
||||
if (__glibc_unlikely (newp == NULL))
|
||||
goto free_null;
|
||||
{
|
||||
free (tmp);
|
||||
goto free_null;
|
||||
}
|
||||
getnames = newp;
|
||||
}
|
||||
getnames[pos] = tmp;
|
||||
|
Loading…
Reference in New Issue
Block a user