Gregor Best wrote:
> On Tue, Jul 14, 2015 at 09:57:45AM -0600, Todd C. Miller wrote:
> > [...]
> > Shouldn't this be:
> >
> > p = (p - *store) + newstore;
> > [...]
>
> Of course, that makes way more sense. An amended patch is attached.

So technically I believe this is still undefined since you're not supposed to look at freed pointers. An even better fix would be to save the offset before the realloc.
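
The fix suggested in the reply above, sketched as an added example that is not part of the original message or of the attached patch: the cursor's offset is computed while the old buffer is still live, so the old pointer value is never read after `realloc`. The names `store`, `p` and `newstore` follow the quoted line; `grow_store`, `size` and `newsize` are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical helper: grow *store to newsize bytes and keep the cursor *p
 * at the same logical position. Returns 0 on success, -1 on failure, in
 * which case the buffer, its size and the cursor are left untouched.
 */
int
grow_store(char **store, size_t *size, char **p, size_t newsize)
{
	/* Save the offset while *store is still a live object. */
	size_t off = (size_t)(*p - *store);
	char *newstore;

	if (newsize == 0 || newsize < *size || off > *size)
		return -1;
	newstore = realloc(*store, newsize);
	if (newstore == NULL)
		return -1;	/* the old block is still valid on failure */

	/* The old value of *store is indeterminate now and is not read again. */
	*store = newstore;
	*size = newsize;
	*p = newstore + off;
	return 0;
}

int
main(void)
{
	size_t size = 8;
	char *store = malloc(size), *p;

	if (store == NULL)
		return 1;
	memcpy(store, "abcdefg", 8);	/* constructed sample data */
	p = store + 3;
	if (grow_store(&store, &size, &p, 1 << 20) == -1)
		return 1;
	printf("cursor offset %td, byte '%c'\n", p - store, *p);
	free(store);
	return 0;
}
```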
