From: Guillem Jover <guillem@hadrons.org>
Date: Tue, 23 Aug 2022 21:49:34 +0000 (+0200)
Subject: setmode: Dot not use saveset after free
X-Git-Tag: 0.11.7~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a14612d96819d5e0561bff2da89a6fdea990223c;p=thirdparty%2Flibbsd.git

setmode: Dot not use saveset after free

While we are only doing a pointer difference and not dereferencing it,
it's easier and more correct to do the pointer difference before passing
it to reallocarray().

Warned-by: gcc
---

diff --git a/src/setmode.c b/src/setmode.c
index f65875e..c92cdc5 100644
--- a/src/setmode.c
+++ b/src/setmode.c
@@ -36,6 +36,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 
+#include <stddef.h>
 #include <ctype.h>
 #include <errno.h>
 #include <signal.h>
@@ -144,12 +145,13 @@ common:			if (set->cmd2 & CMD2_CLR) {
 
 #define	ADDCMD(a, b, c, d) do {						\
 	if (set >= endset) {						\
+		ptrdiff_t setdiff = set - saveset;			\
 		BITCMD *newset;						\
 		setlen += SET_LEN_INCR;					\
 		newset = reallocarray(saveset, setlen, sizeof(BITCMD));	\
 		if (newset == NULL)					\
 			goto out;					\
-		set = newset + (set - saveset);				\
+		set = newset + setdiff;					\
 		saveset = newset;					\
 		endset = newset + (setlen - 2);				\
 	}								\