Resize array in remove_from_array() and fix a crash

When an item is added to an array, then the array is realloc()ed (to size+1),
and the item is copied (strdup()) to the array.
Thus, when an item is removed from an array, allocated memory pointed by
the item (not the item itself) should be freed, successive items should
be left-shifted and the array realloc()ed again (size-1).

Additional changes:
- Initialize an array in list_all_containers().

Signed-off-by: Tomasz Blaszczak <tomasz.blaszczak@consult.red>

diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
index b1be7e0ed5fb4f432981339da1e5416935422f52..c533d9dd44e79788d33228c297eb9b380b0e7440 100644 (file)
--- a/src/lxc/lxccontainer.c
+++ b/src/lxc/lxccontainer.c
@@ -2262,7 +2262,7 @@ static inline int container_cmp(struct lxc_container **first,
 
 static bool add_to_array(char ***names, char *cname, int pos)
 {
-       char **newnames = realloc(*names, (pos+1) * sizeof(char *));
+       char **newnames = (char**)realloc(*names, (pos+1) * sizeof(char *));
        if (!newnames) {
                ERROR("Out of memory");
                return false;
@@ -2270,10 +2270,8 @@ static bool add_to_array(char ***names, char *cname, int pos)
 
        *names = newnames;
        newnames[pos] = strdup(cname);
-       if (!newnames[pos]) {
-               *names = (char**)realloc(*names, (pos) * sizeof(char *));
+       if (!newnames[pos])
                return false;
-       }
 
        /* Sort the array as we will use binary search on it. */
        qsort(newnames, pos + 1, sizeof(char *),
@@ -2322,12 +2320,16 @@ static bool remove_from_array(char ***names, char *cname, int size)
 {
        char **result = get_from_array(names, cname, size);
        if (result != NULL) {
-               int i;
-               for (i = 0; (*names)[i] != *result && i < size; i++) {
-               }
+               size_t i = result - *names;
                free(*result);
                memmove(*names+i, *names+i+1, (size-i-1) * sizeof(char*));
-               *names = (char**)realloc(*names, (size-1) * sizeof(char *));
+               char **newnames = (char**)realloc(*names, (size-1) * sizeof(char *));
+               if (!newnames) {
+                       ERROR("Out of memory");
+                       return false;
+               }
+
+               *names = newnames;
                return true;
        }