it errors out with "bad character in field \" and
then ftok_free crashes on an invalid free() because picking up the
previous token (the closing bracket) xrealloc'd the token array to be 5
elements long but never set the last element's tok pointer.
Consequently the ftok_free tries to free whatever garbage pointer is in
that last element and kaboom.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Reviewed-by: Eric Sandeen <sandeen@sandeen.net>
[sandeen: slightly clarify commit log] Signed-off-by: Eric Sandeen <sandeen@sandeen.net>