[PATCH] registry: fix zero byte allocation

Michael Santos <>
Tue Oct 5 22:47:52 CEST 2010


Pasto in code results in 0 bytes (instead of length bytes) being allocated
when the length of the key exceeds the static buffer.
---
 lib/erl_interface/src/registry/reg_dump.c    |    4 ++--
 lib/erl_interface/src/registry/reg_restore.c |    2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/erl_interface/src/registry/reg_dump.c b/lib/erl_interface/src/registry/reg_dump.c
index 50a6949..dfec96b 100644
--- a/lib/erl_interface/src/registry/reg_dump.c
+++ b/lib/erl_interface/src/registry/reg_dump.c
@@ -157,7 +157,7 @@ static int mn_send_delete(int fd, erlang_pid *mnesia, const char *key)
   int len = strlen(key) + 32; /* 32 is a slight overestimate */
 
   if (len > EISMALLBUF)
-    if (!(dbuf = malloc(index)))
+    if (!(dbuf = malloc(len)))
       return -1;
   msgbuf = (dbuf ? dbuf : sbuf);
 
@@ -187,7 +187,7 @@ static int mn_send_write(int fd, erlang_pid *mnesia, const char *key, ei_reg_obj
   int len = 32 + keylen + obj->size;
 
   if (len > EISMALLBUF)
-    if (!(dbuf = malloc(index)))
+    if (!(dbuf = malloc(len)))
       return -1;
   msgbuf = (dbuf ? dbuf : sbuf);
 
diff --git a/lib/erl_interface/src/registry/reg_restore.c b/lib/erl_interface/src/registry/reg_restore.c
index 27918d2..aeb33c7 100644
--- a/lib/erl_interface/src/registry/reg_restore.c
+++ b/lib/erl_interface/src/registry/reg_restore.c
@@ -266,7 +266,7 @@ int ei_reg_restore(int fd, ei_reg *reg, const char *mntab)
   /* make sure receive buffer can handle largest expected message */
   len = maxkey + maxobj + 512; 
   if (len > EISMALLBUF)
-    if (!(dbuf = malloc(index))) {
+    if (!(dbuf = malloc(len))) {
       ei_send_exit(fd,&self,&mnesia,"cannot allocate space for incoming data");
       return -1;
     }
-- 
1.7.0.4



More information about the erlang-patches mailing list