PR/395: Avoid infinite loop in oomem cleanup.
authorChristos Zoulas <christos@zoulas.com>
Tue, 28 Oct 2014 22:09:57 +0000 (22:09 +0000)
committerChristos Zoulas <christos@zoulas.com>
Tue, 28 Oct 2014 22:09:57 +0000 (22:09 +0000)
src/apprentice.c

index 8279971d098f481618d9348023be8296436e1881..4de8f6de06d5318341cbcfbc768035a69bd94c94 100644 (file)
@@ -32,7 +32,7 @@
 #include "file.h"
 
 #ifndef        lint
-FILE_RCSID("@(#)$File: apprentice.c,v 1.216 2014/09/24 19:49:07 christos Exp $")
+FILE_RCSID("@(#)$File: apprentice.c,v 1.217 2014/10/15 12:39:21 christos Exp $")
 #endif /* lint */
 
 #include "magic.h"
@@ -593,11 +593,9 @@ buffer_apprentice(struct magic_set *ms, struct magic **bufs,
                mlist_free(ms->mlist[i]);
                if ((ms->mlist[i] = mlist_alloc()) == NULL) {
                        file_oomem(ms, sizeof(*ms->mlist[i]));
-                       if (i != 0) {
-                               --i;
-                               do
-                                       mlist_free(ms->mlist[i]);
-                               while (i != 0);
+                       while (i-- > 0) {
+                               mlist_free(ms->mlist[i]);
+                               ms->mlist[i] = NULL;
                        }
                        return -1;
                }