forked from enlightenment/efl
modules: eina: chained_pool: check for NULL before passing it to deref
Make sure we check if pool->first_fill is NULL before passing it onwards where it gets dereferenced. In case this happens return NULL instead of garbage. CID: 1293520 Differential Revision: https://phab.enlightenment.org/D11980
This commit is contained in:
parent
2784feff24
commit
6637fb3aec
|
@ -274,7 +274,7 @@ eina_chained_mempool_malloc(void *data, EINA_UNUSED unsigned int size)
|
||||||
{
|
{
|
||||||
Chained_Mempool *pool = data;
|
Chained_Mempool *pool = data;
|
||||||
Chained_Pool *p = NULL;
|
Chained_Pool *p = NULL;
|
||||||
void *mem;
|
void *mem = NULL;
|
||||||
|
|
||||||
if (!eina_spinlock_take(&pool->mutex))
|
if (!eina_spinlock_take(&pool->mutex))
|
||||||
{
|
{
|
||||||
|
@ -321,10 +321,10 @@ eina_chained_mempool_malloc(void *data, EINA_UNUSED unsigned int size)
|
||||||
_eina_chained_mp_pool_cmp, NULL);
|
_eina_chained_mp_pool_cmp, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
mem = _eina_chained_mempool_alloc_in(pool, pool->first_fill);
|
if (pool->first_fill)
|
||||||
|
mem = _eina_chained_mempool_alloc_in(pool, pool->first_fill);
|
||||||
|
|
||||||
eina_spinlock_release(&pool->mutex);
|
eina_spinlock_release(&pool->mutex);
|
||||||
|
|
||||||
return mem;
|
return mem;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue