From: Eugene Syromiatnikov <esyr@openssl.org>
Date: Tue, 12 Aug 2025 08:03:43 +0000 (+0200)
Subject: test/mem_alloc_test.c: avoid referencing potentially freed old_ret
X-Git-Tag: openssl-3.6.0-alpha1~93
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2b76895152fe7c7bcd11b9ae6e712c0437aee8c3;p=thirdparty%2Fopenssl.git

test/mem_alloc_test.c: avoid referencing potentially freed old_ret

Referencing to old_ret after it has been freed by realloc is UB, so drop
its usage in the printing routine, and don't check it for being non-NULL
(as it is not a mistake to call free() on NULL pointer anyway).

Fixes: d090695101a9 "test: add a sanity test for memory allocation functions"
Resolves: https://scan5.scan.coverity.com/#/project-view/65279/10222?selectedIssue=1662052
Related: https://github.com/openssl/project/issues/1317
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28238)
---

diff --git a/test/mem_alloc_test.c b/test/mem_alloc_test.c
index ae5895b9534..899f49d2d47 100644
--- a/test/mem_alloc_test.c
+++ b/test/mem_alloc_test.c
@@ -593,11 +593,9 @@ static int test_xrealloc(const bool clear, const bool array, const bool macro,
         res = check_exp(macro ? OPENSSL_FILE : test_fn, ln, sz, false, false,
                         ret, exp, exp_malloc_cnt, exp_realloc_cnt);
         if (res == 0)
-            TEST_error("realloc return code check fail with i = %zu"
-                       ", old_ret = %p, ret = %p, old_nmemb = %#zx"
-                       ", nmemb = %#zx, size = %#zx",
-                       i, (void *) old_ret, (void *) ret, old_nmemb, nmemb,
-                       td->size);
+            TEST_error("realloc return code check fail with i = %zu, ret = %p"
+                       ", old_nmemb = %#zx, nmemb = %#zx, size = %#zx",
+                       i, (void *) ret, old_nmemb, nmemb, td->size);
 
         /* Write data on the first pass and check it on the second */
         if (res != 0 && exp == EXP_NONNULL && exp2 == EXP_NONNULL) {
@@ -630,7 +628,7 @@ static int test_xrealloc(const bool clear, const bool array, const bool macro,
         }
 
         /* Freeing the old allocation if realloc has failed */
-        if (old_ret != 0 && ret == 0 && exp != EXP_ZERO_SIZE)
+        if (ret == NULL && exp != EXP_ZERO_SIZE)
             OPENSSL_free(old_ret);
 
         old_ret = ret;