* [PATCH] android/client: Fix memory leak while using realloc()
@ 2015-07-22 8:33 Atul Rai
2015-07-24 17:07 ` Vinicius Costa Gomes
0 siblings, 1 reply; 3+ messages in thread
From: Atul Rai @ 2015-07-22 8:33 UTC (permalink / raw)
To: linux-bluetooth; +Cc: sachin.dev
While reallocating space to store additional "remote device set" using
realloc, if realloc() fails, the original block is left untouched but
reference to that block is lost as NULL is assigned to remote_devices.
The original block needs to be freed before return.
---
android/client/if-bt.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/android/client/if-bt.c b/android/client/if-bt.c
index 4723024..4249f78 100644
--- a/android/client/if-bt.c
+++ b/android/client/if-bt.c
@@ -94,6 +94,7 @@ static int remote_devices_capacity = 0;
void add_remote_device(const bt_bdaddr_t *addr)
{
int i;
+ bt_bdaddr_t *tmp;
if (remote_devices == NULL) {
remote_devices = malloc(4 * sizeof(bt_bdaddr_t));
@@ -119,9 +120,16 @@ void add_remote_device(const bt_bdaddr_t *addr)
/* Realloc space if needed */
if (remote_devices_cnt >= remote_devices_capacity) {
remote_devices_capacity *= 2;
+ /*
+ * Save reference to previously allocated memory block so that
+ * it can be freed in case realloc fails.
+ */
+ tmp = remote_devices;
+
remote_devices = realloc(remote_devices, sizeof(bt_bdaddr_t) *
remote_devices_capacity);
if (remote_devices == NULL) {
+ free(tmp);
remote_devices_capacity = 0;
remote_devices_cnt = 0;
return;
--
2.1.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] android/client: Fix memory leak while using realloc()
2015-07-22 8:33 [PATCH] android/client: Fix memory leak while using realloc() Atul Rai
@ 2015-07-24 17:07 ` Vinicius Costa Gomes
0 siblings, 0 replies; 3+ messages in thread
From: Vinicius Costa Gomes @ 2015-07-24 17:07 UTC (permalink / raw)
To: Atul Rai, linux-bluetooth; +Cc: sachin.dev
Hi,
Atul Rai <a.rai@samsung.com> writes:
> While reallocating space to store additional "remote device set" using
> realloc, if realloc() fails, the original block is left untouched but
> reference to that block is lost as NULL is assigned to remote_devices.
> The original block needs to be freed before return.
> ---
> android/client/if-bt.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/android/client/if-bt.c b/android/client/if-bt.c
> index 4723024..4249f78 100644
> --- a/android/client/if-bt.c
> +++ b/android/client/if-bt.c
> @@ -94,6 +94,7 @@ static int remote_devices_capacity = 0;
> void add_remote_device(const bt_bdaddr_t *addr)
> {
> int i;
> + bt_bdaddr_t *tmp;
>
> if (remote_devices == NULL) {
> remote_devices = malloc(4 * sizeof(bt_bdaddr_t));
> @@ -119,9 +120,16 @@ void add_remote_device(const bt_bdaddr_t *addr)
> /* Realloc space if needed */
> if (remote_devices_cnt >= remote_devices_capacity) {
I would move 'tmp' declaration here. Makes it clear that it is only used
in this context.
Apart from that, looks OK.
> remote_devices_capacity *= 2;
> + /*
> + * Save reference to previously allocated memory block so that
> + * it can be freed in case realloc fails.
> + */
> + tmp = remote_devices;
> +
> remote_devices = realloc(remote_devices, sizeof(bt_bdaddr_t) *
> remote_devices_capacity);
> if (remote_devices == NULL) {
> + free(tmp);
> remote_devices_capacity = 0;
> remote_devices_cnt = 0;
> return;
> --
> 2.1.4
Cheers,
--
Vinicius
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] android/client: Fix memory leak while using realloc()
@ 2015-07-27 4:10 Atul Rai
0 siblings, 0 replies; 3+ messages in thread
From: Atul Rai @ 2015-07-27 4:10 UTC (permalink / raw)
To: vinicius.gomes, linux-bluetooth; +Cc: sachin.dev
Hi Vinicius,
Thanks for the review.
I will upload patch version 2 after incorporating suggested changes.
> Hi,
>
> Atul Rai <a.rai@samsung.com> writes:
>
>> While reallocating space to store additional "remote device set" using
>> realloc, if realloc() fails, the original block is left untouched but
>> reference to that block is lost as NULL is assigned to remote_devices.
>> The original block needs to be freed before return.
>> ---
>> android/client/if-bt.c | 8 ++++++++
>> 1 file changed, 8 insertions(+)
>>
>> diff --git a/android/client/if-bt.c b/android/client/if-bt.c
>> index 4723024..4249f78 100644
>> --- a/android/client/if-bt.c
>> +++ b/android/client/if-bt.c
>> @@ -94,6 +94,7 @@ static int remote_devices_capacity = 0;
>> void add_remote_device(const bt_bdaddr_t *addr)
>> {
>> int i;
>> + bt_bdaddr_t *tmp;
>>
>> if (remote_devices == NULL) {
>> remote_devices = malloc(4 * sizeof(bt_bdaddr_t));
>> @@ -119,9 +120,16 @@ void add_remote_device(const bt_bdaddr_t *addr)
>> /* Realloc space if needed */
>> if (remote_devices_cnt >= remote_devices_capacity) {
>
> I would move 'tmp' declaration here. Makes it clear that it is only used
> in this context.
>
> Apart from that, looks OK.
>
>> remote_devices_capacity *= 2;
>> + /*
>> + * Save reference to previously allocated memory block so that
>> + * it can be freed in case realloc fails.
>> + */
>> + tmp = remote_devices;
>> +
>> remote_devices = realloc(remote_devices, sizeof(bt_bdaddr_t) *
>> remote_devices_capacity);
>> if (remote_devices == NULL) {
>> + free(tmp);
>> remote_devices_capacity = 0;
>> remote_devices_cnt = 0;
>> return;
>> --
>> 2.1.4
>
>
> Cheers,
> --
> Vinicius
>
Regards,
-Atul Rai
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-07-27 4:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-07-22 8:33 [PATCH] android/client: Fix memory leak while using realloc() Atul Rai
2015-07-24 17:07 ` Vinicius Costa Gomes
-- strict thread matches above, loose matches on Subject: below --
2015-07-27 4:10 Atul Rai
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.