Found by running the fuzz/uri.c fuzzer under asan (internal Android bug 171610679). Always free `ret` when exiting on failure. I've moved the definition of NULLCHK down past where ret is always initialized to make it clear that this is safe. This patch also fixes the indentation of two of the NULLCHK call sites to make it more obvious that NULLCHK isn't `if`-like. --- uri.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-)
Attachment:
0001-Fix-xmlURIEscape-memory-leaks.patch
Description: Text Data