This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
memory allocation bug in posix_spawn_*
- To: libc-alpha at sources dot redhat dot com
- Subject: memory allocation bug in posix_spawn_*
- From: Bruno Haible <haible at ilog dot fr>
- Date: Sun, 1 Oct 2000 14:47:23 +0200 (CEST)
I had a program crashing in malloc in an fopen() call right after a call to
posix_spawn_file_actions_destroy(), and indeed the posix_spawn_file_actions_*
functions allocate too few memory.
2000-09-30 Bruno Haible <haible@clisp.cons.org>
* posix/spawn_faction_init.c: Include "spawn_int.h".
(__posix_spawn_file_actions_realloc): Fix second realloc argument.
*** glibc-20000928/posix/spawn_faction_init.c.bak Sat Apr 15 18:32:02 2000
--- glibc-20000928/posix/spawn_faction_init.c Sat Sep 30 21:17:04 2000
***************
*** 21,43 ****
#include <stdlib.h>
#include <string.h>
/* Function used to increase the size of the allocated array. This
function is called from the `add'-functions. */
int
__posix_spawn_file_actions_realloc (posix_spawn_file_actions_t *file_actions)
{
void *newmem = realloc (file_actions->__actions,
! file_actions->__allocated += 8);
if (newmem == NULL)
! {
! /* Not enough memory. */
! file_actions->__allocated -= 8;
! return ENOMEM;
! }
file_actions->__actions = (struct __spawn_action *) newmem;
return 0;
}
--- 21,44 ----
#include <stdlib.h>
#include <string.h>
+ #include "spawn_int.h"
+
/* Function used to increase the size of the allocated array. This
function is called from the `add'-functions. */
int
__posix_spawn_file_actions_realloc (posix_spawn_file_actions_t *file_actions)
{
+ int newalloc = file_actions->__allocated + 8;
void *newmem = realloc (file_actions->__actions,
! newalloc * sizeof (struct __spawn_action));
if (newmem == NULL)
! /* Not enough memory. */
! return ENOMEM;
file_actions->__actions = (struct __spawn_action *) newmem;
+ file_actions->__allocated = newalloc;
return 0;
}
*** glibc-20000928/posix/spawn_faction_addclose.c.bak Fri Aug 25 23:53:39 2000
--- glibc-20000928/posix/spawn_faction_addclose.c Sat Sep 30 21:10:36 2000
***************
*** 35,44 ****
if (fd < 0 || fd >= maxfd)
return EBADF;
! /* Allocate more memory of needed. */
if (file_actions->__used == file_actions->__allocated
&& __posix_spawn_file_actions_realloc (file_actions) != 0)
! /* THis can only mean we ran out of memory. */
return ENOMEM;
/* Add the new value. */
--- 35,44 ----
if (fd < 0 || fd >= maxfd)
return EBADF;
! /* Allocate more memory if needed. */
if (file_actions->__used == file_actions->__allocated
&& __posix_spawn_file_actions_realloc (file_actions) != 0)
! /* This can only mean we ran out of memory. */
return ENOMEM;
/* Add the new value. */
*** glibc-20000928/posix/spawn_faction_adddup2.c.bak Fri Aug 25 23:53:39 2000
--- glibc-20000928/posix/spawn_faction_adddup2.c Sat Sep 30 21:09:26 2000
***************
*** 35,44 ****
if (fd < 0 || newfd < 0 || fd >= maxfd || newfd >= maxfd)
return EBADF;
! /* Allocate more memory of needed. */
if (file_actions->__used == file_actions->__allocated
&& __posix_spawn_file_actions_realloc (file_actions) != 0)
! /* THis can only mean we ran out of memory. */
return ENOMEM;
/* Add the new value. */
--- 35,44 ----
if (fd < 0 || newfd < 0 || fd >= maxfd || newfd >= maxfd)
return EBADF;
! /* Allocate more memory if needed. */
if (file_actions->__used == file_actions->__allocated
&& __posix_spawn_file_actions_realloc (file_actions) != 0)
! /* This can only mean we ran out of memory. */
return ENOMEM;
/* Add the new value. */
*** glibc-20000928/posix/spawn_faction_addopen.c.bak Fri Aug 25 23:53:39 2000
--- glibc-20000928/posix/spawn_faction_addopen.c Sat Sep 30 21:08:52 2000
***************
*** 36,45 ****
if (fd < 0 || fd >= maxfd)
return EBADF;
! /* Allocate more memory of needed. */
if (file_actions->__used == file_actions->__allocated
&& __posix_spawn_file_actions_realloc (file_actions) != 0)
! /* THis can only mean we ran out of memory. */
return ENOMEM;
/* Add the new value. */
--- 36,45 ----
if (fd < 0 || fd >= maxfd)
return EBADF;
! /* Allocate more memory if needed. */
if (file_actions->__used == file_actions->__allocated
&& __posix_spawn_file_actions_realloc (file_actions) != 0)
! /* This can only mean we ran out of memory. */
return ENOMEM;
/* Add the new value. */