Mercurial > vim

diff src/netbeans.c @ 6596:f8f2a61e538d v7.4.624

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated for version 7.4.624 Problem: May leak memory or crash when vim_realloc() returns NULL. Solution: Handle a NULL value properly. (Mike Williams)
author Bram Moolenaar <bram@vim.org>
date Tue, 10 Feb 2015 18:34:01 +0100
parents 50dbef5e774a
children 77172f5bac73
line wrap: on
line diff
--- a/src/netbeans.c
+++ b/src/netbeans.c
@@ -1080,10 +1080,18 @@ nb_get_buf(int bufno)
     {
 	if (bufno >= buf_list_size) /* grow list */
 	{
+	    nbbuf_T *t_buf_list = buf_list;
+
 	    incr = bufno - buf_list_size + 90;
 	    buf_list_size += incr;
 	    buf_list = (nbbuf_T *)vim_realloc(
 				   buf_list, buf_list_size * sizeof(nbbuf_T));
+	    if (buf_list == NULL)
+	    {
+		vim_free(t_buf_list);
+		buf_list_size = 0;
+		return NULL;
+	    }
 	    vim_memset(buf_list + buf_list_size - incr, 0,
 						      incr * sizeof(nbbuf_T));
 	}
@@ -3678,11 +3686,18 @@ addsigntype(
 	    {
 		int incr;
 		int oldlen = globalsignmaplen;
+		char **t_globalsignmap = globalsignmap;
 
 		globalsignmaplen *= 2;
 		incr = globalsignmaplen - oldlen;
 		globalsignmap = (char **)vim_realloc(globalsignmap,
 					   globalsignmaplen * sizeof(char *));
+		if (globalsignmap == NULL)
+		{
+		    vim_free(t_globalsignmap);
+		    globalsignmaplen = 0;
+		    return;
+		}
 		vim_memset(globalsignmap + oldlen, 0, incr * sizeof(char *));
 	    }
 	}
@@ -3708,11 +3723,18 @@ addsigntype(
 	{
 	    int incr;
 	    int oldlen = buf->signmaplen;
+	    int *t_signmap = buf->signmap;
 
 	    buf->signmaplen *= 2;
 	    incr = buf->signmaplen - oldlen;
 	    buf->signmap = (int *)vim_realloc(buf->signmap,
 					       buf->signmaplen * sizeof(int));
+	    if (buf->signmap == NULL)
+	    {
+		vim_free(t_signmap);
+		buf->signmaplen = 0;
+		return;
+	    }
 	    vim_memset(buf->signmap + oldlen, 0, incr * sizeof(int));
 	}
     }