basic/alloc-util: also reset the cleaned-up variable in freep()

freep() has it's own definition, so I missed it in fd421c4adc7406de02e03e2f7ceede2cc6e1d9d4.

Again, there is a small growth, but the compiler should be able to optimize it away:
-Dbuildtype=debug:

-rwxrwxr-x 1 zbyszek zbyszek 4106816 Feb 19 12:52 build/libsystemd.so.0.30.0
-rwxrwxr-x 1 zbyszek zbyszek 7492952 Feb 19 12:52 build/src/shared/libsystemd-shared-247.so
-rwxrwxr-x 1 zbyszek zbyszek 4472624 Feb 19 12:53 build/systemd

-rwxrwxr-x 1 zbyszek zbyszek 4107056 Feb 19 13:03 build/libsystemd.so.0.30.0
-rwxrwxr-x 1 zbyszek zbyszek 7493480 Feb 19 13:03 build/src/shared/libsystemd-shared-247.so
-rwxrwxr-x 1 zbyszek zbyszek 4472760 Feb 19 13:03 build/systemd

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31055.

diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h
index 5885d890b587473727f57469f76b201fd73b44c3..698a6583c5cd2507ff2783b9b4a3080bd9c42315 100644 (file)
--- a/src/basic/alloc-util.h
+++ b/src/basic/alloc-util.h
@@ -80,7 +80,7 @@ void* memdup_suffix0(const void *p, size_t l); /* We can't use _alloc_() here, s
         })
 
 static inline void freep(void *p) {
-        free(*(void**) p);
+        *(void**)p = mfree(*(void**) p);
 }
 
 #define _cleanup_free_ _cleanup_(freep)

diff --git a/test/fuzz/fuzz-systemctl-parse-argv/oss-fuzz-31055 b/test/fuzz/fuzz-systemctl-parse-argv/oss-fuzz-31055
new file mode 100644 (file)
index 0000000..a8f9071
Binary files /dev/null and b/test/fuzz/fuzz-systemctl-parse-argv/oss-fuzz-31055 differ