commit 4182a14424c1e27b943187e230948ee31d6d66ba
Author: Laslo Hunhold <[email protected]>
AuthorDate: Sat Oct 8 13:14:48 2022 +0200
Commit: Laslo Hunhold <[email protected]>
CommitDate: Sat Oct 8 13:14:48 2022 +0200
Avoid undefined behaviour and memory leaks in case-data-generator
This was found using the clang-sanitizers and was pretty tough to spot.
The first part does not change program behaviour as it stands, but checking
first whether tmp2 is NULL avoids the undefined behaviour of adding a non-zero
offset to NULL.
Signed-off-by: Laslo Hunhold <[email protected]>
diff --git a/gen/case.c b/gen/case.c
index f953fdc..174a8bd 100644
--- a/gen/case.c
+++ b/gen/case.c
@@ -119,11 +119,14 @@ parse_cp_list(const char *str, uint_least32_t **cp,
size_t *cplen)
}
/* go through the string again, parsing the numbers */
- for (i = 0, tmp1 = tmp2 = str; tmp2 != NULL; i++, tmp1 = tmp2 + 1) {
+ for (i = 0, tmp1 = tmp2 = str; tmp2 != NULL; i++) {
tmp2 = strchr(tmp1, ' ');
if (hextocp(tmp1, tmp2 ? (size_t)(tmp2 - tmp1) : strlen(tmp1),
&((*cp)[i]))) {
return 1;
}
+ if (tmp2 != NULL) {
+ tmp1 = tmp2 + 1;
+ }
}
return 0;
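Review bot: The `return 1;` on a failed hextocp() leaves `*cp` and `*cplen` as they were, so if the first pass (before this hunk) allocated `*cp`, the caller cannot tell whether it must free it; either free and NULL `*cp` before returning or document that the caller owns `*cp` on failure as well. The rewritten loop itself is sound: tmp1 only advances past tmp2 when strchr() found a separator, and the loop condition re-tests tmp2 before the next iteration. An input with a trailing space or two adjacent spaces still passes a zero-length segment to hextocp(), so the outcome depends on how hextocp() treats len == 0; if that is intended, a comment such as `/* an empty segment (adjacent or trailing space) is handed to hextocp() unchanged */` would make it explicit. parse_cp_list's body begins before the hunk.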
@@ -298,5 +301,18 @@ main(int argc, char *argv[])
}
printf("};\n\n");
+ free(comp_lower.data);
+ free(comp_lower.offset);
+ free(comp_title.data);
+ free(comp_title.offset);
+ free(comp_upper.data);
+ free(comp_upper.offset);
+ free(mm_lower.major);
+ free(mm_lower.minor);
+ free(mm_title.major);
+ free(mm_title.minor);
+ free(mm_upper.major);
+ free(mm_upper.minor);
+
return 0;
}
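Review bot: The twelve free() calls on the new lines are reached only on the success path of main and nothing says why they are there, given that the process exits right after; a comment such as `/* not needed before exit, but keeps LeakSanitizer quiet and makes ownership of the tables explicit */` would save the next reader from looking for a bug being fixed. The six structs appear to be filled in by helpers outside this hunk, so their allocations would presumably be better paired with matching release helpers (one per struct type) so that adding a member later cannot leave a free() behind. free(NULL) is a no-op, so members that a helper left unset are fine as written. main's body starts before the hunk.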