In ld-ctype.c and locfile.c we use the wrong type for sizing the allocation, we use the sizeof the original type, but that's not correct, it should be the size of the element size. In both cases we can use the sizeof the dereferenced name to get the right value. The oringal code is fine, but it's a non-portable assumption to say that sizeof (foo **) == sizeof (foo *), it could in theory be different. We should just fix this. diff --git a/locale/programs/ld-ctype.c b/locale/programs/ld-ctype.c index afb431b..b92f857 100644 --- a/locale/programs/ld-ctype.c +++ b/locale/programs/ld-ctype.c @@ -3889,7 +3889,7 @@ allocate_arrays (struct locale_ctype_t *ctype, const struct charmap_t *charmap, /* Next we allocate an array large enough and fill in the values. */ sorted = (struct translit_t **) alloca (number - * sizeof (struct translit_t **)); + * sizeof (*sorted)); runp = ctype->translit; number = 0; do diff --git a/locale/programs/locfile.c b/locale/programs/locfile.c index b52efcf..10e6092 100644 --- a/locale/programs/locfile.c +++ b/locale/programs/locfile.c @@ -426,7 +426,7 @@ siblings_uncached (const char *output_path) *p++ = '/'; *p = '\0'; elems = (const char **) xrealloc ((char *) elems, - (nelems + 2) * sizeof (char **)); + (nelems + 2) * sizeof (*elems)); elems[nelems++] = other_path; } else
> The oringal code is fine, but it's a non-portable assumption to say that > sizeof (foo **) == sizeof (foo *), it could in theory be different. Not in GNU C.
(In reply to Andreas Schwab from comment #1) > > The oringal code is fine, but it's a non-portable assumption to say that > > sizeof (foo **) == sizeof (foo *), it could in theory be different. > > Not in GNU C. OK, in which case there are only 2 other good reasons for changing it: * some static analysis tooling doesn't know about GNU C and could warn (I've seen this in coverity). * it is logically clearer that the size needed is "element size x number of elements" Would you object to this kind of change?