On Fri, 2010-12-10 at 15:47 +0100, Alexander Holler wrote:
>
> exim-4.69/src/exim.c:3305: uschar *newp = malloc(Ustrlen(TMPDIR) + 8);
> exim-4.69/src/exim.c-3306- sprintf(CS newp, "TMPDIR=%s", TMPDIR);
> exim-4.69/src/exim.c-3307- *p = newp;
> --
>
> This one e.g. is still found in exim 4.72.
>
> I haven't looked further because the problem might already be found, and
> I don't know if exim overwrites malloc, but I would suggest to
> remove/fix those few places like the one above. I know it might be
> difficult to get to the point where malloc returns 0 (NULL), but fixing
> those places looks to me like a good idea.
I have no idea why that code isn't using Exim's store_malloc() instead
of malloc(). The store_malloc() function will log an abort message and
die if the allocation fails.
A patch to fix that (and other instances) would be much appreciated.
--
dwmw2
