[flac-dev] Behavior of safe_realloc_add_2op_()

[Miroslav Lichvar]

I'm looking at an issue reported by the Coverity static analyzer.
In iconvert() in src/share/utf8/iconvert.c on line 152 there is

newbuf = safe_realloc_add_2op_(utfbuf, ...);

If the request size is not valid, the function will free utfbuf and
return 0. This is followed by goto fail and utfbuf is freed for the
second time. A simply fix would be to set utfbuf to 0 if newbuf is 0.
However, this would create a leak in the case when the size is ok, but
the reallocation itself failed. Should safe_realloc_add_2op_() be
changed to use safe_realloc_() instead of realloc()? Is there any code
in flac that relies on the current behavior?

-- 
Miroslav Lichvar