From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=50373 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1PevoQ-000594-7g
	for qemu-devel@nongnu.org; Mon, 17 Jan 2011 15:36:27 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefan@weilnetz.de>) id 1PevoO-00035X-Ga
	for qemu-devel@nongnu.org; Mon, 17 Jan 2011 15:36:26 -0500
Received: from moutng.kundenserver.de ([212.227.126.171]:57114)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefan@weilnetz.de>) id 1PevoO-00034c-3f
	for qemu-devel@nongnu.org; Mon, 17 Jan 2011 15:36:24 -0500
From: Stefan Weil <weil@mail.berlios.de>
Date: Mon, 17 Jan 2011 21:36:06 +0100
Message-Id: <1295296566-30287-1-git-send-email-weil@mail.berlios.de>
Subject: [Qemu-devel] [PATCH] linux-user: Fix possible realloc memory leak
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: QEMU Developers <qemu-devel@nongnu.org>
Cc: Riku Voipio <riku.voipio@iki.fi>

Extract from "man realloc":
"If realloc() fails the original block is left untouched;
it is not freed or moved."

Fix a possible memory leak (reported by cppcheck).

Cc: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
---
 linux-user/elfload.c |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index ab03e16..f9bd849 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -1474,7 +1474,7 @@ static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias)
     struct elf_shdr *shdr;
     char *strings;
     struct syminfo *s;
-    struct elf_sym *syms;
+    struct elf_sym *syms, *new_syms;
 
     shnum = hdr->e_shnum;
     i = shnum * sizeof(struct elf_shdr);
@@ -1543,12 +1543,14 @@ static void load_symbols(struct elfhdr *hdr, int fd, abi_ulong load_bias)
        that we threw away.  Whether or not this has any effect on the
        memory allocation depends on the malloc implementation and how
        many symbols we managed to discard.  */
-    syms = realloc(syms, nsyms * sizeof(*syms));
-    if (syms == NULL) {
+    new_syms = realloc(syms, nsyms * sizeof(*syms));
+    if (new_syms == NULL) {
         free(s);
+        free(syms);
         free(strings);
         return;
     }
+    syms = new_syms;
 
     qsort(syms, nsyms, sizeof(*syms), symcmp);
 
-- 
1.7.2.3