The behavior of calloc() when being passed `0` as `nelem` is implementation
defined. It may return a NULL pointer.

Avoid this issue by checking before allocating. While doing so adjust the local
integer variables that are used to refer to memory offsets to `size_t`.

This issue was introced in commit f91ac19299fe216a793ba6550dca06b688b31549. This
patch should be backported together with that commit.
---
 src/pattern.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/pattern.c b/src/pattern.c
index 3ea1f33d4..a9425b047 100644
--- a/src/pattern.c
+++ b/src/pattern.c
@@ -2660,10 +2660,10 @@ static int cmp_pat_ref(const void *_a, const void *_b)
  */
 int pattern_finalize_config(void)
 {
-       int len = 0;
-       int unassigned_pos = 0;
+       size_t len = 0;
+       size_t unassigned_pos = 0;
        int next_unique_id = 0;
-       int i, j;
+       size_t i, j;
        struct pat_ref *ref, **arr;
        struct list pr = LIST_HEAD_INIT(pr);
 
@@ -2676,6 +2676,10 @@ int pattern_finalize_config(void)
                        unassigned_pos++;
        }
 
+       if (len == 0) {
+               return 0;
+       }
+
        arr = calloc(len, sizeof(*arr));
        if (arr == NULL) {
                ha_alert("Out of memory error.\n");
-- 
2.25.1


Reply via email to