exit on failure of any of the lib/common malloc wrappers

Previously, when these wrappers exhausted memory they would return a null
pointer leading to follow on memory corruption and debugging confusion. It seems
simpler to just stop when we run out of memory as we have no reasonable recovery
path at this time.

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e0dcc0c10473da7e21e0483528a8ea1efdab079d..3e4febfcf261b1a46c17ac58ef09e56da4408dee 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - graphviz-2.42.2-coverity-scan-fixes.patch
   - graphviz-2.42.2-dotty-menu-fix.patch
   - graphviz-2.42.2-ocaml-allow-const-cast.patch
+- some allocation failures that could previously allow memory corruption now exit
 
 ### Fixed
 - Neato's hier mode is broken since v2.44.0 #1726

diff --git a/lib/common/memory.c b/lib/common/memory.c
index 2c6649e6bcae8c0e7d185d8359f78fb4bfc9908f..ab1006e4761aac823ea8d52ab2d8af3f53b31c8a 100644 (file)
--- a/lib/common/memory.c
+++ b/lib/common/memory.c
@@ -14,6 +14,7 @@
 #include "config.h"
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include "memory.h"
 
@@ -32,7 +33,7 @@ void *zrealloc(void *ptr, size_t size, size_t elt, size_t osize)
     void *p = realloc(ptr, size * elt);
     if (p == NULL && size) {
        fprintf(stderr, "out of memory\n");
-       return p;
+       exit(EXIT_FAILURE);
     }
     if (osize < size)
        memset((char *) p + (osize * elt), '\0', (size - osize) * elt);
@@ -47,6 +48,7 @@ void *gmalloc(size_t nbytes)
     rv = malloc(nbytes);
     if (rv == NULL) {
        fprintf(stderr, "out of memory\n");
+       exit(EXIT_FAILURE);
     }
     return rv;
 }
@@ -56,6 +58,7 @@ void *grealloc(void *ptr, size_t size)
     void *p = realloc(ptr, size);
     if (p == NULL && size) {
        fprintf(stderr, "out of memory\n");
+       exit(EXIT_FAILURE);
     }
     return p;
 }