From 36c0f0f99aee940668b84c2c70b27f4993d9e6ee Mon Sep 17 00:00:00 2001
From: Rusty Russell
Date: Thu, 30 Jul 2009 13:10:33 -0700
Subject: realloc() has that horrible overloaded free semantic when size is 0: current code does a free of the old record in this case, then fail.
---
 lib/tdb/common/tdb.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
(limited to 'lib')
diff --git a/lib/tdb/common/tdb.c b/lib/tdb/common/tdb.c
index b59bb1571c..b78f74cc69 100644
--- a/lib/tdb/common/tdb.c
+++ b/lib/tdb/common/tdb.c
@@ -584,8 +584,13 @@ int tdb_append(struct tdb_context *tdb, TDB_DATA key, TDB_DATA new_dbuf)
 if (dbuf.dptr == NULL) {
 dbuf.dptr = (unsigned char *)malloc(new_dbuf.dsize);
 } else {
- unsigned char *new_dptr = (unsigned char *)realloc(dbuf.dptr,
- dbuf.dsize + new_dbuf.dsize);
+ unsigned int new_len = dbuf.dsize + new_dbuf.dsize;
+ unsigned char *new_dptr;
+
+ /* realloc '0' is special: don't do that. */
+ if (new_len == 0)
+ new_len = 1;
+ new_dptr = (unsigned char *)realloc(dbuf.dptr, new_len);
 if (new_dptr == NULL) {
 free(dbuf.dptr);
 }
-- cgit
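Review bot: The new `unsigned int new_len = dbuf.dsize + new_dbuf.dsize;` narrows the length before it reaches realloc(): the removed code passed the sum directly, and if TDB_DATA's dsize is size_t (as I recall from tdb.h — verify) a combined length above UINT_MAX on a 64-bit build is silently truncated, so realloc() returns a buffer smaller than the append that presumably follows outside this hunk will write into, which is a heap overflow driven by record sizes. Declare it as `size_t new_len = dbuf.dsize + new_dbuf.dsize;` and reject wrap-around of the addition itself with `if (new_len < dbuf.dsize)`, handling it exactly as the existing `new_dptr == NULL` path does (free dbuf.dptr and fail). The `malloc(new_dbuf.dsize)` branch just above has the mirror-image zero-size problem — malloc(0) may legitimately return NULL and be read as out-of-memory — so the same `== 0 ? 1` clamp would keep both branches consistent. tdb_append's body begins before and ends after this hunk, so the failure label and the copy are not visible here.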