Skip to content

MEDIUM: Potentially Unsafe Code - Potential Memory Leak#246

Open
DawmosTomie wants to merge 1 commit intolucasg:masterfrom
DawmosTomie:branch
Open

MEDIUM: Potentially Unsafe Code - Potential Memory Leak#246
DawmosTomie wants to merge 1 commit intolucasg:masterfrom
DawmosTomie:branch

Conversation

@DawmosTomie
Copy link

@DawmosTomie DawmosTomie commented Oct 29, 2023

Dear author, Hello!
I found a small security breach,
I've modified it,
I hope you can merge it。
(My English is not very good, I hope the wording does not offend you)

Description-MEDIUM: Potentially Unsafe Code - Potential Memory Leak

Line: 71 - Dependencies\third_party\phlib\jsonc\arraylist.c
Source code may experience memory leaks when attempting to extend arrays.
If the realloc function fails and returns NULL, the original memory is still retained.

Solution

solve this problem by checking the return value of realloc after calling it.
If realloc returns NULL, the original memory should be freed and an error returned.

Modified code

{
  void *t;
  int new_size;

  if(max < arr->size) return 0;
  new_size = json_max(arr->size << 1, max);
  t = realloc(arr->array, new_size*sizeof(void*));
  if(!t) {
    free(arr->array);
    return -1;
  }
  arr->array = (void**)t;
  (void)memset(arr->array + arr->size, 0, (new_size-arr->size)*sizeof(void*));
  arr->size = new_size;
  return 0;
}```

@himeshsameera
Copy link

himeshsameera commented Apr 1, 2025

Seems this is correct. I'm adding this to my fork of dependencies.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@DawmosTomie @himeshsameera