[Cluster-devel] [PATCH] don't dereference NULL upon failed realloc

Jim Meyering jim at meyering.net
Mon Oct 13 14:10:34 UTC 2008 

* gfs/tests/filecon2/filecon2_server.c (main): Fix typo (s/sock/ssin/)
that would make a failed realloc cause a NULL dereference.
* gnbd/tools/gnbd_export/gnbd_export.c (execute_uid_program):
Diagnose a failed realloc.
* group/dlm_controld/deadlock.c (add_waitfor): Handle failed realloc.
---

Hello,

I did a quick audit for uses of realloc and found a few
cases in which failure could lead to a NULL dereference.
This patch fixes those.  Obviously, I didn't know quite
what (if anything) you'd want to write to the log when
deadlock.c's add_waitfor fails, so I left that as "...".

Jim

 gfs/tests/filecon2/filecon2_server.c |    2 +-
 gnbd/tools/gnbd_export/gnbd_export.c |    4 ++++
 group/dlm_controld/deadlock.c        |   10 ++++++++--
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/gfs/tests/filecon2/filecon2_server.c b/gfs/tests/filecon2/filecon2_server.c
index 904039e..bc59124 100644
--- a/gfs/tests/filecon2/filecon2_server.c
+++ b/gfs/tests/filecon2/filecon2_server.c
@@ -555,7 +555,7 @@ int main(int argc, char *argv[])
       if (!sock)
 	die("can't alloc memory: %s\n", strerror(errno));
       ssin = realloc(ssin, clients * sizeof(struct sockaddr_in));
-      if (!sock)
+      if (!ssin)
 	die("can't alloc memory: %s\n", strerror(errno));

       size = sizeof(struct sockaddr_in);
diff --git a/gnbd/tools/gnbd_export/gnbd_export.c b/gnbd/tools/gnbd_export/gnbd_export.c
index 1e4be29..50a805d 100644
--- a/gnbd/tools/gnbd_export/gnbd_export.c
+++ b/gnbd/tools/gnbd_export/gnbd_export.c
@@ -488,6 +488,10 @@ char *execute_uid_program(char *command){
       delim = "'";
     }
     argv = realloc(argv, (size + 2) * sizeof(char **));
+    if (!argv){
+      printe("cannot allocate memory for command line\n");
+      exit(1);
+    }
     argv[size++] = ptr;
     ptr = strpbrk(ptr, delim);
     if (!ptr){
diff --git a/group/dlm_controld/deadlock.c b/group/dlm_controld/deadlock.c
index eecd8a5..46644af 100644
--- a/group/dlm_controld/deadlock.c
+++ b/group/dlm_controld/deadlock.c
@@ -1334,10 +1334,16 @@ static void add_waitfor(struct lockspace *ls, struct dlm_lkb *waiting_lkb,
 	}

 	if (tr->waitfor_count == tr->waitfor_alloc) {
+		struct trans **new_waitfor;
 		old_alloc = tr->waitfor_alloc;
 		tr->waitfor_alloc += TR_NALLOC;
-		tr->waitfor = realloc(tr->waitfor,
-				      tr->waitfor_alloc * sizeof(tr));
+		new_waitfor = realloc(tr->waitfor,
+				      tr->waitfor_alloc * sizeof(*tr->waitfor));
+		if (new_waitfor == NULL) {
+			free(tr->waitfor);
+			log_group(ls, "failed to allocate ...");
+			return;
+		}
 		for (i = old_alloc; i < tr->waitfor_alloc; i++)
 			tr->waitfor[i] = NULL;
 	}
--
1.6.0.2.514.g23abd3

More information about the Cluster-devel mailing list