From: Jan Schreiber <jes@posteo.de>
Subject: watch: missing calloc return check
To: tech@openbsd.org
Date: Fri, 03 Apr 2026 19:20:45 +0000

Hi,

this calloc call never got NULL checked and cmdstr was not free'd.
The missing free before exit(0) didn't hurt anything except the consistency.

Jan

diff --git usr.bin/watch/watch.c usr.bin/watch/watch.c
index 1d5f8248fb5..3502a72d52b 100644
--- usr.bin/watch/watch.c
+++ usr.bin/watch/watch.c
@@ -447,6 +447,9 @@ start_child()
 	int fds[2];
 
 	child = calloc(1, sizeof(*child));
+	if ((child = calloc(1, sizeof(*child))) == NULL)
+		err(1, "calloc");
+
 	child->bufsiz = sizeof(child->buf);
 
 	if (pipe(fds) == -1)
@@ -910,6 +913,7 @@ quit(void)
 	refresh();
 	endwin();
 	free(cmdv);
+	free(cmdstr);
 	exit(0);
 }