[exim-dev] unchecked return code of malloc

Author: Alexander Holler
To: exim-dev
Subject: [exim-dev] unchecked return code of malloc

Being curious about the possible bug in exim, I've just done a

grep -nRsA 2 malloc *

on the source of exim-4.69 to see if the problem might happen because of
some unchecked return of malloc() which would cause a problem if the
available memory could be a problem. It revealed a few places which look
suspicious, e.g.

exim-4.69/src/exim.c:3305:      uschar *newp = malloc(Ustrlen(TMPDIR) + 8);
exim-4.69/src/exim.c-3306-      sprintf(CS newp, "TMPDIR=%s", TMPDIR);
exim-4.69/src/exim.c-3307-      *p = newp;

This one e.g. is still found in exim 4.72.

I haven't looked further because the problem might already be found, and
I don't know if exim overwrites malloc, but I would suggest to
remove/fix those few places like the one above. I know it might be
difficult to get to the point where malloc returns 0 (NULL), but fixing
those places looks to me like a good idea.


Alexander Holler

PS: I don't use exim myself, and really was just curious, so I will
not do anything further on that topic.
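
A checked version of the allocate-then-format pattern shown in the grep output above, as an added example that is not part of the original message and not Exim's code. The names `make_env_entry`, `alloc_fn` and `failing_alloc` are hypothetical; the allocator is passed in as a parameter so that the out-of-memory path can be exercised.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Allocator signature, so a failing allocator can be injected (assumption:
 * whatever it returns can be released with free()). */
typedef void *(*alloc_fn)(size_t);

/* Constructed stand-in for malloc() when no memory is available. */
static void *failing_alloc(size_t n) { (void)n; return NULL; }

/*
 * Build "NAME=value" in freshly allocated memory.
 * Returns NULL if the size computation would wrap or the allocator fails,
 * instead of passing a NULL pointer on to sprintf().
 */
static char *make_env_entry(const char *name, const char *value, alloc_fn alloc)
{
    size_t nlen = strlen(name), vlen = strlen(value);

    /* name + '=' + value + NUL must fit in size_t */
    if (nlen > SIZE_MAX - 2 || vlen > SIZE_MAX - 2 - nlen)
        return NULL;
    size_t need = nlen + vlen + 2;

    char *buf = alloc(need);
    if (buf == NULL)               /* the check absent from the quoted lines */
        return NULL;

    /* Bounded write; treat an error or truncation as failure. */
    int n = snprintf(buf, need, "%s=%s", name, value);
    if (n < 0 || (size_t)n >= need) {
        free(buf);
        return NULL;
    }
    return buf;
}

int main(void)
{
    char *ok  = make_env_entry("TMPDIR", "/tmp", malloc);
    char *bad = make_env_entry("TMPDIR", "/tmp", failing_alloc);
    printf("ok=%s bad=%s\n", ok ? ok : "(null)", bad ? bad : "(null)");
    free(ok);
    return (ok != NULL && bad == NULL) ? 0 : 1;
}
```

The caller still has to decide what a NULL return means at that point in the program, for example logging and exiting cleanly rather than continuing with a missing environment entry.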