Most heap allocation functions are checked
for NULL return values, but a few are not:
./poptconfig.c: b = realloc(b, (nb + nse));
./poptconfig.c- (void) stpcpy( stpcpy(&b[nb-1], " "), se);
./popt.c: t = realloc(t, tn);
./popt.c- te = stpcpy(t + pos, a);
If either of those realloc calls fails, the next line
dereferences a NULL pointer.
Also, any use of realloc like those above introduces
a leak whenever realloc fails.
Instead, when realloc fails, the code should ensure
that the original value of the pointer (b or t above)
can still be freed.
Received on Wed May 20 12:16:22 2009