From 63ae58bf13902954da469472e64fdbf35768ad97 Mon Sep 17 00:00:00 2001
From: ume <ume@FreeBSD.org>
Date: Sat, 11 Oct 2003 10:37:43 +0000
Subject: correct unsafe use of realloc().

Obtained from:	KAME
---
 sbin/ip6fw/ip6fw.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'sbin/ip6fw')

diff --git a/sbin/ip6fw/ip6fw.c b/sbin/ip6fw/ip6fw.c
index a76d03c..be9e175 100644
--- a/sbin/ip6fw/ip6fw.c
+++ b/sbin/ip6fw/ip6fw.c
@@ -1,4 +1,4 @@
-/*	$KAME: ip6fw.c,v 1.13 2001/06/22 05:51:16 itojun Exp $	*/
+/*	$KAME: ip6fw.c,v 1.14 2003/10/02 19:36:25 itojun Exp $	*/
 
 /*
  * Copyright (C) 1998, 1999, 2000 and 2001 WIDE Project.
@@ -446,7 +446,7 @@ list(ac, av)
 	int	ac;
 	char 	**av;
 {
-	struct ip6_fw *r, *rules;
+	struct ip6_fw *r, *rules, *n;
 	int l,i;
 	unsigned long rulenum;
 	int nalloc, bytes, maxbytes;
@@ -457,10 +457,10 @@ list(ac, av)
 	bytes = nalloc;
 	maxbytes = 65536 * sizeof *rules;
 	while (bytes >= nalloc) {
-		nalloc = nalloc * 2 + 200;
-		bytes = nalloc;
-		if ((rules = realloc(rules, bytes)) == NULL)
+		if ((n = realloc(rules, nalloc * 2 + 200)) == NULL)
 			err(EX_OSERR, "realloc");
+		bytes = nalloc = nalloc * 2 + 200;
+		rules = n;
 		i = getsockopt(s, IPPROTO_IPV6, IPV6_FW_GET, rules, &bytes);
 		if ((i < 0 && errno != EINVAL) || nalloc > maxbytes)
 			err(EX_OSERR, "getsockopt(IPV6_FW_GET)");
-- 
cgit v1.1