diff options
author | Marcus Meissner <marcus@jet.franken.de> | 2016-02-06 16:30:40 +0100 |
---|---|---|
committer | Marcus Meissner <marcus@jet.franken.de> | 2016-02-06 16:30:40 +0100 |
commit | 3b926ac604a512c197bdcfb5ae4a7bedd9578d1e (patch) | |
tree | 94801be8bdf474c914f9ef4879902d155fd94210 | |
parent | 02474558ad865ba4f7d2d5e9b41816f98e85b842 (diff) | |
download | libgphoto2-3b926ac604a512c197bdcfb5ae4a7bedd9578d1e.tar.gz |
digigr8: fixed memory realloc issues
realloc(catalog) might free catalog, do not access it afterwards
unify catalog_tmp / catalog handling
1033337 Resource leak
-rw-r--r-- | camlibs/digigr8/digigr8.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/camlibs/digigr8/digigr8.c b/camlibs/digigr8/digigr8.c index 560916279..fcea1e32a 100644 --- a/camlibs/digigr8/digigr8.c +++ b/camlibs/digigr8/digigr8.c @@ -63,7 +63,9 @@ digi_init (GPPort *port, CameraPrivateLibrary *priv) for (i=0; i<0x4000 && catalog[i]; i+=16); priv->nb_entries = i>>4; catalog_tmp = realloc(catalog, i+16); - memset (catalog_tmp+i, 0, 16); + if (!catalog_tmp) return GP_ERROR_NO_MEMORY; + catalog = catalog_tmp; + memset (catalog+i, 0, 16); if (i) { /* * 0x913c cameras allow individual photo deletion. This causes @@ -73,13 +75,12 @@ digi_init (GPPort *port, CameraPrivateLibrary *priv) */ for (j=0; j<i; j+=16) { - if ((!catalog[j])||(catalog_tmp[j] == 0x64)) { - memcpy(catalog_tmp+j, catalog_tmp+j+16, i+16-j); + if ((!catalog[j]) || (catalog[j] == 0x64)) { + memmove(catalog+j, catalog+j+16, i+16-j); priv->nb_entries -- ; } } - if (catalog_tmp) priv->catalog = catalog_tmp; - else priv->catalog = catalog; + priv->catalog = catalog; } else { free (catalog); priv->catalog = NULL; /* We just have freed catalog_tmp */ |