Avoid memory leak when realloc() fails in split_into_words()

Reported by Oracle Parfait: Error: Memory leak Memory leak [memory-leak] (CWE 401): Memory leak of pointer argv allocated with malloc(32) at line 283 of process.c in function 'split_into_words'. argv allocated at line 264 with malloc(32) argv leaks when cur == total at line 280. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
author: Alan Coopersmith <alan.coopersmith@oracle.com> 2020-05-10 11:27:25 -0700
committer: Alan Coopersmith <alan.coopersmith@oracle.com> 2020-05-10 11:27:25 -0700
commit: af7a74e28b33c18c4cb90f0d25bdfd5dff2e29d3 (patch)
tree: 6f66f4af2857c6e98d12a6d9cbf28ed833728e7a
parent: f5af3b21bc94cb020f3530c3cc70f8a9fd6c6452 (diff)
download: xorg-app-xauth-af7a74e28b33c18c4cb90f0d25bdfd5dff2e29d3.tar.gz
1 files changed, 8 insertions, 2 deletions
diff --git a/process.c b/process.c
index 044611b..b6e2591 100644
--- a/process.c
+++ b/process.c
@@ -278,9 +278,15 @@ split_into_words(char *src, int *argcp)  /* argvify string */
 	savec = *src;
 	*src = '\0';
 	if (cur == total) {
+	    const char **new_argv;
 	    total += WORDSTOALLOC;
-	    argv = realloc (argv, total * sizeof (char *));
-	    if (!argv) return NULL;
+	    new_argv = realloc (argv, total * sizeof (char *));
+	    if (new_argv != NULL) {
+		argv = new_argv;
+	    } else {
+		free(argv);
+		return NULL;
+	    }
 	}
 	argv[cur++] = jword;
 	if (savec) src++;		/* if not last on line advance */
author	Alan Coopersmith <alan.coopersmith@oracle.com>	2020-05-10 11:27:25 -0700
committer	Alan Coopersmith <alan.coopersmith@oracle.com>	2020-05-10 11:27:25 -0700
commit	af7a74e28b33c18c4cb90f0d25bdfd5dff2e29d3 (patch)
tree	6f66f4af2857c6e98d12a6d9cbf28ed833728e7a
parent	f5af3b21bc94cb020f3530c3cc70f8a9fd6c6452 (diff)
download	xorg-app-xauth-af7a74e28b33c18c4cb90f0d25bdfd5dff2e29d3.tar.gz