The function savebuf (and therefore savestr) copy strings using malloc. If
malloc fails, NULL is returned. This is intentional behavior so in case of
failure during "plan a" patching, "plan b" can step in.
The return value has to be properly checked for NULL. If the return
value must not be NULL, use xstrdup instead.
---
src/patch.c | 18 +++++++++---------
src/util.c | 9 +++++++++
2 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/src/patch.c b/src/patch.c
index 12028a9..adb2f25 100644
--- a/src/patch.c
+++ b/src/patch.c
@@ -865,7 +865,7 @@ get_some_switches (void)
case 'B':
if (!*optarg)
fatal ("backup prefix is empty");
- origprae = savestr (optarg);
+ origprae = xstrdup (optarg);
break;
case 'c':
diff_type = CONTEXT_DIFF;
@@ -875,7 +875,7 @@ get_some_switches (void)
pfatal ("Can't change to directory %s", quotearg (optarg));
break;
case 'D':
- do_defines = savestr (optarg);
+ do_defines = xstrdup (optarg);
break;
case 'e':
diff_type = ED_DIFF;
@@ -893,7 +893,7 @@ get_some_switches (void)
patch_get = numeric_string (optarg, true, "get option value");
break;
case 'i':
- patchname = savestr (optarg);
+ patchname = xstrdup (optarg);
break;
case 'l':
canonicalize = true;
@@ -921,13 +921,13 @@ get_some_switches (void)
noreverse = true;
break;
case 'o':
- outfile = savestr (optarg);
+ outfile = xstrdup (optarg);
break;
case 'p':
strippath = numeric_string (optarg, false, "strip count");
break;
case 'r':
- rejname = savestr (optarg);
+ rejname = xstrdup (optarg);
break;
case 'R':
reverse = true;
@@ -961,13 +961,13 @@ get_some_switches (void)
case 'Y':
if (!*optarg)
fatal ("backup basename prefix is empty");
- origbase = savestr (optarg);
+ origbase = xstrdup (optarg);
break;
case 'z':
case_z:
if (!*optarg)
fatal ("backup suffix is empty");
- origsuff = savestr (optarg);
+ origsuff = xstrdup (optarg);
break;
case 'Z':
set_utc = true;
@@ -1036,12 +1036,12 @@ get_some_switches (void)
/* Process any filename args. */
if (optind < Argc)
{
- inname = savestr (Argv[optind++]);
+ inname = xstrdup (Argv[optind++]);
explicit_inname = true;
invc = -1;
if (optind < Argc)
{
- patchname = savestr (Argv[optind++]);
+ patchname = xstrdup (Argv[optind++]);
if (optind < Argc)
{
fprintf (stderr, "%s: %s: extra operand\n",
diff --git a/src/util.c b/src/util.c
index 0af6013..a00aaa8 100644
--- a/src/util.c
+++ b/src/util.c
@@ -1477,6 +1477,8 @@ fetchname (char const *at, int strip_leading, char
**pname,
}
}
name = savebuf (at, t - at + 1);
+ if (! name)
+ return;
name[t - at] = 0;
}
@@ -1510,6 +1512,11 @@ fetchname (char const *at, int strip_leading, char
**pname,
if (u != t && *(u-1) == '\r')
u--;
timestr = savebuf (t, u - t + 1);
+ if (! timestr)
+ {
+ free (name);
+ return;
+ }
timestr[u - t] = 0;
}
@@ -1569,6 +1576,8 @@ parse_name (char const *s, int strip_leading, char const
**endp)
for (t = s; *t && ! ISSPACE ((unsigned char) *t); t++)
/* do nothing*/ ;
ret = savebuf (s, t - s + 1);
+ if (! ret)
+ return NULL;
ret[t - s] = 0;
if (endp)
*endp = t;
--
2.1.1
