[PATCH] don't dereference NULL upon failed malloc and realloc

[PATCH] don't dereference NULL upon failed malloc and realloc

[Jim Meyering]

Hello,

I noticed some potential NULL-deref-after-failed-malloc/realloc.
Here's one way to fix them:

From 4c51394b3fc14f108404689dade9629bc6b0cefc Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Sun, 21 Jun 2009 17:13:38 +0200
Subject: [PATCH] don't dereference NULL upon failed malloc and realloc

* src/ftfont.c (setup_otf_gstring, ftfont_shape_by_flt): Use xmalloc
and xrealloc, so subsequent dereferences of unchecked *alloc-return
values are valid.
---
 ChangeLog    |    7 +++++++
 src/ftfont.c |   16 ++++++++--------
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 3099ced..a277f07 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2009-06-21  Jim Meyering  <meyering@redhat.com>
+
+	don't dereference NULL upon failed malloc and realloc
+	* src/ftfont.c (setup_otf_gstring, ftfont_shape_by_flt): Use xmalloc
+	and xrealloc, so subsequent dereferences of unchecked *alloc-return
+	values are valid.
+
 2009-06-12  Chong Yidong  <cyd@stupidchicken.com>

 	* configure.in: Delete mac-fix-env target, which has been
diff --git a/src/ftfont.c b/src/ftfont.c
index 7dcdee6..3119291 100644
--- a/src/ftfont.c
+++ b/src/ftfont.c
@@ -1700,13 +1700,13 @@ setup_otf_gstring (int size)
 {
   if (otf_gstring.size == 0)
     {
-      otf_gstring.glyphs = (OTF_Glyph *) malloc (sizeof (OTF_Glyph) * size);
+      otf_gstring.glyphs = (OTF_Glyph *) xmalloc (sizeof (OTF_Glyph) * size);
       otf_gstring.size = size;
     }
   else if (otf_gstring.size < size)
     {
-      otf_gstring.glyphs = (OTF_Glyph *) realloc (otf_gstring.glyphs,
-						  sizeof (OTF_Glyph) * size);
+      otf_gstring.glyphs = xrealloc (otf_gstring.glyphs,
+				     sizeof (OTF_Glyph) * size);
       otf_gstring.size = size;
     }
   otf_gstring.used = size;
@@ -2037,13 +2037,13 @@ ftfont_shape_by_flt (lgstring, font, ft_face, otf)
     {
       gstring.allocated = len * 2;
       gstring.glyph_size = sizeof (MFLTGlyph);
-      gstring.glyphs = malloc (sizeof (MFLTGlyph) * gstring.allocated);
+      gstring.glyphs = xmalloc (sizeof (MFLTGlyph) * gstring.allocated);
     }
   else if (gstring.allocated < len * 2)
     {
       gstring.allocated = len * 2;
-      gstring.glyphs = realloc (gstring.glyphs,
-				sizeof (MFLTGlyph) * gstring.allocated);
+      gstring.glyphs = xrealloc (gstring.glyphs,
+				 sizeof (MFLTGlyph) * gstring.allocated);
     }
   memset (gstring.glyphs, 0, sizeof (MFLTGlyph) * len);
   for (i = 0; i < len; i++)
@@ -2092,8 +2092,8 @@ ftfont_shape_by_flt (lgstring, font, ft_face, otf)
       if (result != -2)
 	break;
       gstring.allocated += gstring.allocated;
-      gstring.glyphs = realloc (gstring.glyphs,
-				sizeof (MFLTGlyph) * gstring.allocated);
+      gstring.glyphs = xrealloc (gstring.glyphs,
+				 sizeof (MFLTGlyph) * gstring.allocated);
     }
   if (gstring.used > LGSTRING_GLYPH_LEN (lgstring))
     return Qnil;
--
1.6.3.2.448.g363bdb

Re: [PATCH] don't dereference NULL upon failed malloc and realloc

[Jim Meyering]

Jim Meyering wrote:
> Hello,
>
> I noticed some potential NULL-deref-after-failed-malloc/realloc.
> Here's one way to fix them:

If no one objects, I'll commit this in about 5 hours.

>>From 4c51394b3fc14f108404689dade9629bc6b0cefc Mon Sep 17 00:00:00 2001
> From: Jim Meyering <meyering@redhat.com>
> Date: Sun, 21 Jun 2009 17:13:38 +0200
> Subject: [PATCH] don't dereference NULL upon failed malloc and realloc
>
> * src/ftfont.c (setup_otf_gstring, ftfont_shape_by_flt): Use xmalloc
> and xrealloc, so subsequent dereferences of unchecked *alloc-return
> values are valid.
...