bugfix: calloc was misused. Memory corruption.

This dates back to the original copying over from ptp-noposix: 89a46c6d time-wrs/wrs-socket.c: implementation of net functions for wrs arch (but the bug was not in ptp-noposix). It is exposed by the newer compiler (well, library) we are using. But a calloc of 0 bytes should return NULL, to ensure it's not used... Documentation disagrees: If size is 0, then malloc() returns either NULL, or a unique pointer value that can later be successfully passed to free(). Signed-off-by: Alessandro Rubini <rubini@gnudd.com>

bugfix: calloc was misused. Memory corruption.
This dates back to the original copying over from ptp-noposix: 89a46c6d time-wrs/wrs-socket.c: implementation of net functions for wrs arch (but the bug was not in ptp-noposix). It is exposed by the newer compiler (well, library) we are using. But a calloc of 0 bytes should return NULL, to ensure it's not used... Documentation disagrees: If size is 0, then malloc() returns either NULL, or a unique pointer value that can later be successfully passed to free(). Signed-off-by: Alessandro Rubini <rubini@gnudd.com>
ceb14b1c · Alessandro Rubini · 097342ae · ceb14b1c
Commit ceb14b1c authored Dec 02, 2016 by Alessandro Rubini
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

wrs-socket.c time-wrs/wrs-socket.c +1 -1

No files found.
--- a/time-wrs/wrs-socket.c
+++ b/time-wrs/wrs-socket.c
@@ -643,7 +643,7 @@ static int wrs_net_init(struct pp_instance *ppi)

 	/* Only one wrs_socket is created for each pp_instance, because
 	 * wrs_socket is related to the interface and not to the pp_channel */
-	struct wrs_socket *s = calloc(0, sizeof(struct wrs_socket));
+	struct wrs_socket *s = calloc(1, sizeof(struct wrs_socket));

 	if (!s)
 		return -1;