zardus / preeny

Some helpful preload libraries for pwning stuff.
BSD 2-Clause "Simplified" License

crazyrealloc.c: force realloc() to move memory around #39

Closed magnusstubman closed 6 years ago

magnusstubman commented 6 years ago

People sometimes forget to check the return value of realloc(), assuming that there is space after their memory chunks such that expanding is not an issue. However, this is not always the case and can lead to double-frees, use-after-frees, etc.

Example code:

#include <stdlib.h>

char *s = malloc((size_t)10);
realloc(s, (size_t)15); // return value ignored: if the block moved, s now points to freed memory
free(s); // <- potential double free

This would result in a double free if realloc() moved the memory and therefore free()d s internally before returning.

crazyrealloc.c ensures that memory is always moved around, such that it's easier to detect bugs such as the one described here.
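The following is an added example of a preload shim with the behaviour described above; it is not preeny's crazyrealloc.c and may differ from it in detail. It assumes Linux with glibc: malloc_usable_size() is a glibc extension used to learn how much the old block holds, the output name crazyrealloc.so is arbitrary, and scribbling a fill byte over the old block before freeing it is a design choice of this example, not something the issue describes.

```c
/*
 * Added example (not preeny's crazyrealloc.c): an LD_PRELOAD shim whose
 * realloc() never resizes a block in place. Every call returns a fresh
 * allocation and frees the old one, so a caller that keeps using the old
 * pointer, or frees it again as in the snippet above, hits a real
 * use-after-free or double free instead of silently getting away with it.
 *
 * Build and use (Linux/glibc assumed; file and .so names are arbitrary):
 *   gcc -shared -fPIC -O2 -o crazyrealloc.so crazyrealloc.c
 *   LD_PRELOAD=./crazyrealloc.so ./target
 *
 * The shim is built on malloc()/free() plus the glibc extension
 * malloc_usable_size(); it never needs to reach the libc realloc().
 */
#include <malloc.h>   /* malloc_usable_size(): glibc extension (assumed) */
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Fill byte written over the old block before it is released, so a stale
 * read through the original pointer returns something obviously wrong.
 * (Example's own choice, not part of the issue text.) */
#define STALE_FILL 0xA5

void *realloc(void *ptr, size_t size)
{
    if (ptr == NULL)
        return malloc(size);          /* realloc(NULL, n) behaves like malloc(n) */

    if (size == 0) {                  /* mirror glibc: release the block, return NULL */
        free(ptr);
        return NULL;
    }

    void *fresh = malloc(size);
    if (fresh == NULL)
        return NULL;                  /* standard semantics: old block left untouched */

    /* Copy only what fits in both the old and the new block. */
    size_t old_usable = malloc_usable_size(ptr);
    size_t n = old_usable < size ? old_usable : size;
    memcpy(fresh, ptr, n);

    /* Scribble over the old contents, then hand the block back to malloc. */
    memset(ptr, STALE_FILL, old_usable);
    free(ptr);
    return fresh;
}

/* Self-check: grow a buffer one byte at a time, a pattern the normal glibc
 * realloc() would usually satisfy in place. With the shim active the block
 * must move on every call and the payload must survive. Returns 1 on success. */
int realloc_always_moves(void)
{
    const char msg[] = "preeny";     /* constructed sample payload */
    size_t cap = sizeof msg;
    char *buf = malloc(cap);
    if (buf == NULL)
        return 0;
    memcpy(buf, msg, cap);

    for (int i = 0; i < 8; i++) {
        cap += 1;
        char *moved = realloc(buf, cap);
        if (moved == NULL) { free(buf); return 0; }
        if (moved == buf) { free(moved); return 0; }           /* resized in place: shim not active */
        if (memcmp(moved, msg, sizeof msg) != 0) { free(moved); return 0; }
        buf = moved;
    }
    free(buf);
    return 1;
}

int main(void)
{
    printf("realloc always moves: %s\n", realloc_always_moves() ? "yes" : "NO");
    return 0;
}
```

With the shim loaded, the snippet from the issue no longer gets lucky: realloc(s, 15) returns a new block and frees s, so the following free(s) is a genuine double free, which modern glibc's allocator detects and aborts on. Because the shim interposes on the process-wide realloc, library code inside the target is exercised as well, which is usually what you want when hunting for this class of bug.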

zardus commented 6 years ago

Crazy :-)