tools: fix NULL_AFTER_DEREF in image-host.c
Report of the static analyzer: 1. NULL_AFTER_DEREF Pointer 'str', which is dereferenced at image-host.c:688 by calling function 'strdup', is compared to a NULL value at image-host.c:691. 2. NULL_AFTER_DEREF Pointer 'list', which is dereferenced at image-host.c:689, is compared to a NULL value at image-host.c:691. Corrections explained: 1. Checking for NULL before using pointers: The if (!list || !str) check is now performed before calling strdup and realloc, which prevents null pointer dereferences. 2. Checking the result of strdup: strdup can return NULL if memory allocation fails. This also needs to be checked. 3. Checking the result of realloc: If realloc returns NULL, then memory has not been allocated and dup must be freed to avoid memory leaks. Triggers found by static analyzer Svace. Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
This commit is contained in:
@@ -716,11 +716,20 @@ static int strlist_add(struct strlist *list, const char *str)
|
|||||||
{
|
{
|
||||||
char *dup;
|
char *dup;
|
||||||
|
|
||||||
dup = strdup(str);
|
|
||||||
list->strings = realloc(list->strings,
|
|
||||||
(list->count + 1) * sizeof(char *));
|
|
||||||
if (!list || !str)
|
if (!list || !str)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
dup = strdup(str);
|
||||||
|
if(!dup)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
list->strings = realloc(list->strings,
|
||||||
|
(list->count + 1) * sizeof(char *));
|
||||||
|
if (!list->strings) {
|
||||||
|
free(dup);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
list->strings[list->count++] = dup;
|
list->strings[list->count++] = dup;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
Reference in New Issue
Block a user