[PATCH] tools: Fix realloc() use in fdarray__grow()

From: Jann Horn
Date: Sat Feb 29 2020 - 11:26:37 EST


If `entries != NULL`, then `fda->entries` has been freed, so whatever
happens afterwards, we must store `entries` in `fda->entries`.
If we bail out at the second realloc(), the new allocation will be bigger
than what fda->nr_alloc says, but that's fine.

Fixes: 2171a9256862 ("tools lib fd array: Allow associating an integer cookie with each entry")
Signed-off-by: Jann Horn <jannh@xxxxxxxxxx>
---
To the maintainer:
I'm not sure about the etiquette for using CC stable in
patches for somewhat theoretical issues in userland tools;
feel free to tack a CC stable onto this if you think it
should go into stable.

tools/lib/api/fd/array.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/tools/lib/api/fd/array.c b/tools/lib/api/fd/array.c
index 58d44d5eee31..acf8eca1a94a 100644
--- a/tools/lib/api/fd/array.c
+++ b/tools/lib/api/fd/array.c
@@ -27,15 +27,13 @@ int fdarray__grow(struct fdarray *fda, int nr)

if (entries == NULL)
return -ENOMEM;
+ fda->entries = entries;

priv = realloc(fda->priv, psize);
- if (priv == NULL) {
- free(entries);
+ if (priv == NULL)
return -ENOMEM;
- }

fda->nr_alloc = nr_alloc;
- fda->entries = entries;
fda->priv = priv;
return 0;
}
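Review bot: the new `fda->entries = entries;` placed before the second realloc() deserves a short code comment, because the `priv == NULL` return path now leaves the object in a state that looks inconsistent at first glance: fda->entries points at the grown buffer while fda->nr_alloc still holds the old count. The commit message explains why this is safe (the buffer is only ever larger than nr_alloc claims), but that reasoning is not visible in the source, and a later cleanup could move the assignment back next to `fda->nr_alloc = nr_alloc;` and reintroduce the stale pointer. A comment above the assignment, saying that realloc() may have freed the old block so the new pointer must be stored immediately, would be enough. It is also worth confirming that the function's callers treat -ENOMEM as leaving the fdarray usable or to be torn down normally, since after this change a later free of fda->entries on that path operates on the new pointer.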
--
2.25.0