From f05a089da96014435cce5c9f17f386ba846a1a6e Mon Sep 17 00:00:00 2001
From: Roland McGrath <roland@gnu.org>
Date: Thu, 10 Jun 2004 02:16:08 +0000
Subject: [BZ #199]

2004-06-08  Jakub Jelinek  <jakub@redhat.com>
	[BZ #199]
	* crypt/md5-crypt.c (__md5_crypt): Only update buflen if realloc
	succeeds.  Reported by Miles Ohlrich <miles@cray.com>.

	* elf/chroot_canon.c (chroot_canon): Avoid segfault if first malloc
	fails.  Avoid memory leak if realloc fails.
---
 elf/chroot_canon.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'elf')

diff --git a/elf/chroot_canon.c b/elf/chroot_canon.c
index 6b7e444..d29a032 100644
--- a/elf/chroot_canon.c
+++ b/elf/chroot_canon.c
@@ -1,5 +1,6 @@
 /* Return the canonical absolute name of a given file inside chroot.
-   Copyright (C) 1996,1997,1998,1999,2000,2001 Free Software Foundation, Inc.
+   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2004
+   Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -59,6 +60,9 @@ chroot_canon (const char *chroot, const char *name)
     }
 
   rpath = malloc (chroot_len + PATH_MAX);
+  if (rpath == NULL)
+    return NULL;
+
   rpath_limit = rpath + chroot_len + PATH_MAX;
 
   rpath_root = (char *) mempcpy (rpath, chroot, chroot_len) - 1;
@@ -108,7 +112,7 @@ chroot_canon (const char *chroot, const char *name)
 		new_size += PATH_MAX;
 	      new_rpath = (char *) realloc (rpath, new_size);
 	      if (new_rpath == NULL)
-		return NULL;
+		goto error;
 	      rpath = new_rpath;
 	      rpath_limit = rpath + new_size;
 
-- 
cgit v1.1