Download raw body.
fix potential NULL dereference in copy_list() on OOM
While reviewing echo.c I noticed that copy_list() carefully handles
malloc() failure with a full cleanup and return NULL, but the strdup()
call two lines below it has no error check. On OOM, this would result in
a NULL l_name being silently added to the list, potentially causing a
NULL dereference in the caller. The following patch makes the error
handling consistent.
No idea how to trigger it, but it sure looks better.
BR
Han
--- a/echo.c
+++ b/echo.c
@@ -1011,8 +1011,17 @@
}
return (NULL);
}
- current->l_next = last;
current->l_name = strdup(lp->l_name);
+ if (current->l_name == NULL) {
+ free(current);
+ for (current = last; current; current = nxt) {
+ nxt = current->l_next;
+ free(current->l_name);
+ free(current);
+ }
+ return (NULL);
+ }
+ current->l_next = last;
last = current;
lp = lp->l_next;
}
fix potential NULL dereference in copy_list() on OOM