Replace free() malloc() sequences with realloc #2894
Labels
Comments
|
I think it might be because realloc error handling is cumbersome, meaning instead of the lines you showed you would have uint8_t *new_buffer = malloc(object->misc.key.private.size);
goto_if_null2(new_buffer, "Out of memory.",
r, TSS2_FAPI_RC_MEMORY, error_cleanup);
object->misc.key.private.buffer = new_buffer;instead of free(object->misc.key.private.buffer);
object->misc.key.private.buffer = malloc(object->misc.key.private.size);
goto_if_null2(object->misc.key.private.buffer, "Out of memory.",
r, TSS2_FAPI_RC_MEMORY, error_cleanup);But might be better in term of perfomance in case the zone allocated by malloc is already big enough to handle that, however, realloc include a memcpy when this is not the case which is useless, which might counter act any potential benefit of using |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Static code analysis gets confused by free() & malloc() sequences and claims use-after-free.
We can avoid this by using realloc instead; e.g.
tpm2-tss/src/tss2-fapi/api/Fapi_ChangeAuth.c
Lines 380 to 381 in c641c77
The text was updated successfully, but these errors were encountered: