On Fri, Sep 07, 2018 at 09:15:30PM +0200, Clemens Goessnitzer wrote: > This patch adds 2 missing NULL pointer checks to rebound.c after malloc().
The same function also contains an unchecked calloc. > Index: rebound.c > =================================================================== > RCS file: /cvs/src/usr.sbin/rebound/rebound.c,v > retrieving revision 1.98 > diff -u -p -r1.98 rebound.c > --- rebound.c 1 May 2018 15:14:43 -0000 1.98 > +++ rebound.c 7 Sep 2018 19:12:13 -0000 > @@ -643,6 +643,8 @@ preloadcache(const char *name, uint16_t > /* header + len + name + type + class */ > reqlen = sizeof(*req) + 1 + strlen(name) + 2 + 2; > req = malloc(reqlen); > + if (req == NULL) > + return; > > req->id = 0; > req->flags = htons(0x100); > @@ -661,6 +663,9 @@ preloadcache(const char *name, uint16_t > /* req + name (compressed) + type + class + ttl + len + data */ > resplen = reqlen + 2 + 2 + 2 + 4 + 2 + rdatalen; > resp = malloc(resplen); > + if (resp == NULL) > + return; > + > memcpy(resp, req, reqlen); > resp->flags = htons(0x100 | 0x8000); /* response */ > resp->ancount = htons(1);
