stefan pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=2b8742c0ab1ec1d129b1114ca21f23a149f44d87
commit 2b8742c0ab1ec1d129b1114ca21f23a149f44d87 Author: Stefan Schmidt <[email protected]> Date: Tue Jun 16 11:03:26 2020 +0200 modules: eina: chained_pool: check for NULL before passing it to deref Make sure we check if pool->first_fill is NULL before passing it onwards where it gets dereferenced. In case this happens return NULL instead of garbage. CID: 1293520 Reviewed-by: Christopher Michael <[email protected]> Differential Revision: https://phab.enlightenment.org/D11980 --- src/modules/eina/mp/chained_pool/eina_chained_mempool.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/modules/eina/mp/chained_pool/eina_chained_mempool.c b/src/modules/eina/mp/chained_pool/eina_chained_mempool.c index 261b02c200..853457b684 100644 --- a/src/modules/eina/mp/chained_pool/eina_chained_mempool.c +++ b/src/modules/eina/mp/chained_pool/eina_chained_mempool.c @@ -274,7 +274,7 @@ eina_chained_mempool_malloc(void *data, EINA_UNUSED unsigned int size) { Chained_Mempool *pool = data; Chained_Pool *p = NULL; - void *mem; + void *mem = NULL; if (!eina_spinlock_take(&pool->mutex)) { @@ -321,10 +321,10 @@ eina_chained_mempool_malloc(void *data, EINA_UNUSED unsigned int size) _eina_chained_mp_pool_cmp, NULL); } - mem = _eina_chained_mempool_alloc_in(pool, pool->first_fill); + if (pool->first_fill) + mem = _eina_chained_mempool_alloc_in(pool, pool->first_fill); eina_spinlock_release(&pool->mutex); - return mem; } --
