diff options
authorRich Felker <>2017-01-29 11:14:00 -0500
committerRich Felker <>2017-01-29 11:14:00 -0500
commitdbbb3734d8c0176feabd6c46e2e85bbc3b8a60af (patch)
parent01e6bbece2bdcac243cdb8dff6916f2bb80a19e1 (diff)
fix use of uninitialized pointer in gettext core
the plural_rule field of allocated msgcat structures was assumed to be initially-null but was never initialized. for future-proofing, the nplurals field which was left uninitialized should also be cleared. likewise, in the binding structure, the active field could be used uninitialized by a technicality: the a_store which stores the initial value of 0 may be implemented as a cas operation, which reads the old value. rather than fixing these issues individually, just use calloc for both allocations. this does result in wasteful clearing of name buffers (up to NAME_MAX+PATH_MAX) before filling them, but since the size if bounded and the time is dominated by filesystem operations, it really doesn't matter; simplicity and future-proofing have more value here. modified from patch submitted by He X.
1 files changed, 2 insertions, 2 deletions
diff --git a/src/locale/dcngettext.c b/src/locale/dcngettext.c
index e48c50f0..73a9fd70 100644
--- a/src/locale/dcngettext.c
+++ b/src/locale/dcngettext.c
@@ -57,7 +57,7 @@ char *bindtextdomain(const char *domainname, const char *dirname)
if (!p) {
- p = malloc(sizeof *p + domlen + dirlen + 2);
+ p = calloc(sizeof *p + domlen + dirlen + 2, 1);
if (!p) {
return 0;
@@ -171,7 +171,7 @@ notrans:
size_t map_size;
const void *map = __map_file(name, &map_size);
if (!map) goto notrans;
- p = malloc(sizeof *p + namelen + 1);
+ p = calloc(sizeof *p + namelen + 1, 1);
if (!p) {
__munmap((void *)map, map_size);
goto notrans;