From 605ea1f73b0997e42ec5ac43e4d7a07debc54368 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@canonical.com>
Date: Sun, 25 Sep 2016 16:51:24 +0200
Subject: [PATCH] utils: fix lxc_string_split()

Make sure we don't return uninitialized memory.

Signed-off-by: Christian Brauner <christian.brauner@canonical.com>
---
 src/lxc/utils.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/lxc/utils.c b/src/lxc/utils.c
index 9a6ef4b37..c72c26a50 100644
--- a/src/lxc/utils.c
+++ b/src/lxc/utils.c
@@ -774,8 +774,8 @@ bool lxc_string_in_list(const char *needle, const char *haystack, char _sep)
 char **lxc_string_split(const char *string, char _sep)
 {
 	char *token, *str, *saveptr = NULL;
-	char sep[2] = { _sep, '\0' };
-	char **result = NULL;
+	char sep[2] = {_sep, '\0'};
+	char **tmp = NULL, **result = NULL;
 	size_t result_capacity = 0;
 	size_t result_count = 0;
 	int r, saved_errno;
@@ -783,7 +783,7 @@ char **lxc_string_split(const char *string, char _sep)
 	if (!string)
 		return calloc(1, sizeof(char *));
 
-	str = alloca(strlen(string)+1);
+	str = alloca(strlen(string) + 1);
 	strcpy(str, string);
 	for (; (token = strtok_r(str, sep, &saveptr)); str = NULL) {
 		r = lxc_grow_array((void ***)&result, &result_capacity, result_count + 1, 16);
@@ -796,7 +796,14 @@ char **lxc_string_split(const char *string, char _sep)
 	}
 
 	/* if we allocated too much, reduce it */
-	return realloc(result, (result_count + 1) * sizeof(char *));
+	tmp = realloc(result, (result_count + 1) * sizeof(char *));
+	if (!tmp)
+		goto error_out;
+	result = tmp;
+	/* Make sure we don't return uninitialized memory. */
+	if (result_count == 0)
+		*result = NULL;
+	return result;
 error_out:
 	saved_errno = errno;
 	lxc_free_array((void **)result, free);
-- 
2.47.2