From: Christian Brauner <christian.brauner@canonical.com>
Date: Sun, 25 Sep 2016 14:51:24 +0000 (+0200)
Subject: utils: fix lxc_string_split()
X-Git-Tag: lxc-1.0.9~24
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c5c63275524da02ae881e35e8583cb72462750bd;p=thirdparty%2Flxc.git

utils: fix lxc_string_split()

Make sure we don't return uninitialized memory.

Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
---

diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 911fa05a6..db4ea6811 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -705,8 +705,8 @@ bool lxc_string_in_list(const char *needle, const char *haystack, char _sep)
 char **lxc_string_split(const char *string, char _sep)
 {
 	char *token, *str, *saveptr = NULL;
-	char sep[2] = { _sep, '\0' };
-	char **result = NULL;
+	char sep[2] = {_sep, '\0'};
+	char **tmp = NULL, **result = NULL;
 	size_t result_capacity = 0;
 	size_t result_count = 0;
 	int r, saved_errno;
@@ -714,7 +714,7 @@ char **lxc_string_split(const char *string, char _sep)
 	if (!string)
 		return calloc(1, sizeof(char *));
 
-	str = alloca(strlen(string)+1);
+	str = alloca(strlen(string) + 1);
 	strcpy(str, string);
 	for (; (token = strtok_r(str, sep, &saveptr)); str = NULL) {
 		r = lxc_grow_array((void ***)&result, &result_capacity, result_count + 1, 16);
@@ -727,7 +727,14 @@ char **lxc_string_split(const char *string, char _sep)
 	}
 
 	/* if we allocated too much, reduce it */
-	return realloc(result, (result_count + 1) * sizeof(char *));
+	tmp = realloc(result, (result_count + 1) * sizeof(char *));
+	if (!tmp)
+		goto error_out;
+	result = tmp;
+	/* Make sure we don't return uninitialized memory. */
+	if (result_count == 0)
+		*result = NULL;
+	return result;
 error_out:
 	saved_errno = errno;
 	lxc_free_array((void **)result, free);