Building on GCC-13 stops on the below build error:
[ 16s] [ 64%] Built target test1-default-sleep
[ 17s] /home/abuild/rpmbuild/BUILD/crash-worker-7.0.1/src/dump_systemstate-service/dump_systemstate-service.c: In function 'split':
[ 17s] /home/abuild/rpmbuild/BUILD/crash-worker-7.0.1/src/dump_systemstate-service/dump_systemstate-service.c:101:25: error: pointer 'result' may be used after 'realloc' [-Werror=use-after-free]
[ 17s] 101 | free(result);
[ 17s] | ^~~~~~~~~~~~
[ 17s] /home/abuild/rpmbuild/BUILD/crash-worker-7.0.1/src/dump_systemstate-service/dump_systemstate-service.c:92:37: note: call to 'realloc' here
[ 17s] 92 | char **result_tmp = realloc(result, (*size + 1) * sizeof(char *));
[ 17s] | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Since the memory area pointed by `result` can be freed by `realloc`,
`result` should be freed conditionally.
Change-Id: I09ee12f83073665ef37788fa948b72ce3883ea3f
Signed-off-by: Sung-hun Kim <sfoon.kim@samsung.com>
char **result_tmp = realloc(result, (*size + 1) * sizeof(char *));
char *chunk_copy = strdup(chunk);
char **result_tmp = realloc(result, (*size + 1) * sizeof(char *));
char *chunk_copy = strdup(chunk);
- if (result_tmp == NULL || chunk_copy == NULL) {
+ if (result_tmp == NULL) {
- if (result_tmp != NULL)
- free(result_tmp);
+ if (result != NULL)
+ free(result);
+ result = NULL;
+
if (chunk_copy != NULL)
free(chunk_copy);
if (chunk_copy != NULL)
free(chunk_copy);
+ goto out;
+ }
+
+ if (chunk_copy == NULL) {
+ _E("Out of memory");
+ free(result_tmp);
result = NULL;
goto out;
}
result = NULL;
goto out;
}