exit on failure of any of the lib/common malloc wrappers

Previously, when these wrappers exhausted memory they would return a null
pointer leading to follow on memory corruption and debugging confusion. It seems
simpler to just stop when we run out of memory as we have no reasonable recovery
path at this time.

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a45020694858bf30d356a5eede4bee32e6a44ce6..c279769dc9644819b70afbc3992c78e99699a7f0 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - graphviz-2.42.2-coverity-scan-fixes.patch
   - graphviz-2.42.2-dotty-menu-fix.patch
   - graphviz-2.42.2-ocaml-allow-const-cast.patch
+- some allocation failures that could previously allow memory corruption now exit
 
 ### Fixed
 - Released Ubuntu packages does not contain language bindings for Python3 #1737

diff --git a/lib/common/memory.c b/lib/common/memory.c
index 2c6649e6bcae8c0e7d185d8359f78fb4bfc9908f..ab1006e4761aac823ea8d52ab2d8af3f53b31c8a 100644 (file)
--- a/lib/common/memory.c
+++ b/lib/common/memory.c
@@ -14,6 +14,7 @@
 #include "config.h"
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
 #include "memory.h"
 
@@ -32,7 +33,7 @@ void *zrealloc(void *ptr, size_t size, size_t elt, size_t osize)
     void *p = realloc(ptr, size * elt);
     if (p == NULL && size) {
        fprintf(stderr, "out of memory\n");
-       return p;
+       exit(EXIT_FAILURE);
     }
     if (osize < size)
        memset((char *) p + (osize * elt), '\0', (size - osize) * elt);
@@ -47,6 +48,7 @@ void *gmalloc(size_t nbytes)
     rv = malloc(nbytes);
     if (rv == NULL) {
        fprintf(stderr, "out of memory\n");
+       exit(EXIT_FAILURE);
     }
     return rv;
 }
@@ -56,6 +58,7 @@ void *grealloc(void *ptr, size_t size)
     void *p = realloc(ptr, size);
     if (p == NULL && size) {
        fprintf(stderr, "out of memory\n");
+       exit(EXIT_FAILURE);
     }
     return p;
 }