Commit a0c0d580 authored by Jaak Ristioja

agraph, agstrdup(_html)?: Fixed potential null pointer dereferences.

The case where malloc() returns NULL was not checked, leading to the return
value always being dereferenced.

In libraries, such allocation functions usually just return NULL on failure and
the caller is expected to check the return value before proceeding. This does
not appear to be the case for the graphviz library, which just calls exit(1),
e.g. in agallocu(). While such behavior can unexpectedly exit(1) any program
using this library, I still opted to use exit(1) instead of returning NULL for
consistency, and because some callers in graphviz always expect these functions
to succeed (not checking the return value). It is better to exit with exit(1)
than with a null pointer dereference error, because at least the atexit() and
similar handlers will be run.
parent 288e1e8b
......@@ -107,8 +107,11 @@ char *agstrdup(Agraph_t * g, char *s)
sz = sizeof(refstr_t) + strlen(s);
if (g)
r = (refstr_t *) agalloc(g, sz);
else
else {
r = (refstr_t *) malloc(sz);
if (!r)
exit(1);
}
r->refcnt = 1;
strcpy(r->store, s);
r->s = r->store;
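Review bot: The new check covers only the malloc() branch, so in the `if (g)` branch the result of agalloc(g, sz) still reaches `r->refcnt = 1;` unchecked. If agalloc() is guaranteed never to return NULL, a short comment saying so would make that assumption explicit; otherwise move `if (!r)` below the if/else so it covers both paths. Separately, `exit(1);` terminates the host program with no indication of the cause; writing an out-of-memory message to stderr before exiting would let users of the library tell an allocation failure from any other exit status 1.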
......@@ -133,8 +136,11 @@ char *agstrdup_html(Agraph_t * g, char *s)
sz = sizeof(refstr_t) + strlen(s);
if (g)
r = (refstr_t *) agalloc(g, sz);
else
else {
r = (refstr_t *) malloc(sz);
if (!r)
exit(1);
}
r->refcnt = 1 | HTML_BIT;
strcpy(r->store, s);
r->s = r->store;
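Review bot: The `else { r = (refstr_t *) malloc(sz); if (!r) exit(1); }` block here is an exact copy of the one added to agstrdup(), so the two functions now carry the same failure policy in two places. Consider factoring the allocation and its check into one small static helper that both functions call; the helper is then the single place to add a diagnostic or to change the failure behaviour later, and the two copies cannot drift apart.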
......