authorSamuel Vasko <samuel@entia.co>2020-02-10 17:55:59 +0000
committerAndreas Schneider <asn@cryptomilk.org>2020-02-13 11:36:50 +0100
commit672c5cee79eb412025c3dd8b034e611c1f119055 (patch)
tree4855dba9db55c39617e6053e0df7bc6c2d3b52fc
parent13c1c7afb4e625d8c6f8d5db2bf9e7308cf91153 (diff)
Refactor symbol map freeing to avoid UB
Removes an undefined behaviour (uint underflow) that occurs when freeing a value. Fortunately this undefined behaviour has no effect on the program. It only manifests itself when cmocka is compiled with clang's undefined behaviour sanitizer.
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/cmocka.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/src/cmocka.c b/src/cmocka.c
index 32f7360..4b88026 100644
--- a/src/cmocka.c
+++ b/src/cmocka.c
@@ -722,9 +722,16 @@ static void free_symbol_map_value(const void *value,
SymbolMapValue * const map_value = (SymbolMapValue*)value;
const LargestIntegralType children = cast_ptr_to_largest_integral_type(cleanup_value_data);
assert_non_null(value);
- list_free(&map_value->symbol_values_list_head,
- children ? free_symbol_map_value : free_value,
- (void *) ((uintptr_t)children - 1));
+ if (children == 0) {
+ list_free(&map_value->symbol_values_list_head,
+ free_value,
+ NULL);
+ } else {
+ list_free(&map_value->symbol_values_list_head,
+ free_symbol_map_value,
+ (void *)((uintptr_t)children - 1));
+ }
+
free(map_value);
}
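Review bot: The new `if (children == 0)` split in free_symbol_map_value depends on an encoding that no comment explains: `cleanup_value_data` is not a pointer to anything but a nesting-depth counter carried in a `void *`. A comment above the `if`, such as `/* children = remaining nesting levels; 0 means the list holds leaf values, freed with free_value */`, would keep a later cleanup from merging the branches again and bringing back the `0 - 1` wrap. Separately, `(uintptr_t)children` would narrow silently if LargestIntegralType is wider than uintptr_t on some target, which this hunk does not show, so it is worth confirming the depth always fits. The function's signature begins outside the hunk.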