[Cluster-devel] [PATCH] don't dereference NULL upon failed realloc
Jim Meyering
jim at meyering.net
Mon Oct 13 14:10:34 UTC 2008
* gfs/tests/filecon2/filecon2_server.c (main): Fix typo (s/sock/ssin/)
that would make a failed realloc cause a NULL dereference.
* gnbd/tools/gnbd_export/gnbd_export.c (execute_uid_program):
Diagnose a failed realloc.
* group/dlm_controld/deadlock.c (add_waitfor): Handle failed realloc.
---
Hello,
I did a quick audit for uses of realloc and found a few
cases in which failure could lead to a NULL dereference.
This patch fixes those. Obviously, I didn't know quite
what (if anything) you'd want to write to the log when
deadlock.c's add_waitfor fails, so I left that as "...".
Jim
gfs/tests/filecon2/filecon2_server.c | 2 +-
gnbd/tools/gnbd_export/gnbd_export.c | 4 ++++
group/dlm_controld/deadlock.c | 10 ++++++++--
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/gfs/tests/filecon2/filecon2_server.c b/gfs/tests/filecon2/filecon2_server.c
index 904039e..bc59124 100644
--- a/gfs/tests/filecon2/filecon2_server.c
+++ b/gfs/tests/filecon2/filecon2_server.c
@@ -555,7 +555,7 @@ int main(int argc, char *argv[])
if (!sock)
die("can't alloc memory: %s\n", strerror(errno));
ssin = realloc(ssin, clients * sizeof(struct sockaddr_in));
- if (!sock)
+ if (!ssin)
die("can't alloc memory: %s\n", strerror(errno));
size = sizeof(struct sockaddr_in);
diff --git a/gnbd/tools/gnbd_export/gnbd_export.c b/gnbd/tools/gnbd_export/gnbd_export.c
index 1e4be29..50a805d 100644
--- a/gnbd/tools/gnbd_export/gnbd_export.c
+++ b/gnbd/tools/gnbd_export/gnbd_export.c
@@ -488,6 +488,10 @@ char *execute_uid_program(char *command){
delim = "'";
}
argv = realloc(argv, (size + 2) * sizeof(char **));
+ if (!argv){
+ printe("cannot allocate memory for command line\n");
+ exit(1);
+ }
argv[size++] = ptr;
ptr = strpbrk(ptr, delim);
if (!ptr){
diff --git a/group/dlm_controld/deadlock.c b/group/dlm_controld/deadlock.c
index eecd8a5..46644af 100644
--- a/group/dlm_controld/deadlock.c
+++ b/group/dlm_controld/deadlock.c
@@ -1334,10 +1334,16 @@ static void add_waitfor(struct lockspace *ls, struct dlm_lkb *waiting_lkb,
}
if (tr->waitfor_count == tr->waitfor_alloc) {
+ struct trans **new_waitfor;
old_alloc = tr->waitfor_alloc;
tr->waitfor_alloc += TR_NALLOC;
- tr->waitfor = realloc(tr->waitfor,
- tr->waitfor_alloc * sizeof(tr));
+ new_waitfor = realloc(tr->waitfor,
+ tr->waitfor_alloc * sizeof(*tr->waitfor));
+ if (new_waitfor == NULL) {
+ free(tr->waitfor);
+ log_group(ls, "failed to allocate ...");
+ return;
+ }
for (i = old_alloc; i < tr->waitfor_alloc; i++)
tr->waitfor[i] = NULL;
}
--
1.6.0.2.514.g23abd3
More information about the Cluster-devel
mailing list