From a99bf5be584425a1ea5edad38df494c971e4c332 Mon Sep 17 00:00:00 2001
From: Matthew Fernandez
Date: Sat, 27 Aug 2022 08:45:31 -0700
Subject: [PATCH] cgraph memresize: fix out-of-bounds write on allocation failure

Callers of this function appear to anticipate the possibility of failure, e.g. `agrealloc`. But the function itself was attempting to zero newly allocated memory even if the allocation call failed.
---
 lib/cgraph/mem.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/cgraph/mem.c b/lib/cgraph/mem.c
index fb30fa812..bdc131f48 100644
--- a/lib/cgraph/mem.c
+++ b/lib/cgraph/mem.c
@@ -34,7 +34,7 @@ static void *memresize(void *heap, void *ptr, size_t oldsize,
 (void)heap;
 rv = realloc(ptr, request);
- if (request > oldsize)
+ if (rv != NULL && request > oldsize)
 memset((char *) rv + oldsize, 0, request - oldsize);
 return rv;
 }
--
2.40.0
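Review bot: The `realloc(ptr, request)` call just above the new `rv != NULL` guard still cannot tell an allocation failure from a zero-size request. With `request == 0` an implementation may release `ptr` and return NULL, so a caller that reads NULL as "failed, old block still valid" could go on to use or free a block that is already gone. Whether any caller can pass 0 is not visible in this hunk, so that needs confirming against `agrealloc` and the other call sites. Either way the failure contract deserves a comment above the function, for example `/* Returns NULL on allocation failure; ptr is then left allocated and unmodified, and the caller still owns it. request must be non-zero. */`. The signature and declarations of memresize start outside the hunk.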