From: Michihiro NAKAJIMA <ggcueroad@gmail.com>
Date: Tue, 11 Sep 2012 11:09:30 +0000 (+0900)
Subject: Fix bugs that Clang Static Analyzer pointed out:
X-Git-Tag: v3.1.0~64
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=221f63f2f804134622d744dc0d58e84d19e990e4;p=thirdparty%2Flibarchive.git

Fix bugs that Clang Static Analyzer pointed out:
 - Double free
 - Use-after-free
---

diff --git a/libarchive/archive_string.c b/libarchive/archive_string.c
index 870cf37d5..d75966f3f 100644
--- a/libarchive/archive_string.c
+++ b/libarchive/archive_string.c
@@ -306,6 +306,9 @@ archive_string_ensure(struct archive_string *as, size_t s)
 	/* Now we can reallocate the buffer. */
 	p = (char *)realloc(as->s, new_length);
 	if (p == NULL) {
+		/* Prevent the duble free of as->s in archive_string_free
+		 * since realloc function already freed the memory. */
+		as->s = NULL;
 		/* On failure, wipe the string and return NULL. */
 		archive_string_free(as);
 		errno = ENOMEM;/* Make sure errno has ENOMEM. */
@@ -1120,8 +1123,8 @@ create_sconv_object(const char *fc, const char *tc,
 	}
 	sc->to_charset = strdup(tc);
 	if (sc->to_charset == NULL) {
-		free(sc);
 		free(sc->from_charset);
+		free(sc);
 		return (NULL);
 	}
 	archive_string_init(&sc->utftmp);