[Bug-gnulib] a couple of xrealloc -> free+xmalloc fixes

[Paul Eggert]

While looking for address-overflow problems, I noticed a couple of
places where the code is calling xrealloc but is not relying on the
buffer contents being saved.  In that case, it's usually better to use
free+xmalloc, to avoid the unnecessary buffer copy.  I installed this
patch.

This patch also contains some minor address-space cleanup, which
indicates that quotearg should change some 'unsigned int's to
'size_t's.  Haven't done that yet, though.

2003-10-29  Paul Eggert  <address@hidden>

        * getgroups.c (getgroups): Don't use xrealloc, since we don't need
        the buffer preserved.  Use free and xmalloc instead.
        * quotearg.c (quotearg_n_options): Likewise.
        Use a simpler test for size overflow.  Don't use xalloc_oversized
        because unsigned int might be wider than size_t (!); this suggests
        that we should switch from unsigned int to size_t for slot numbers.
        
Index: lib/getgroups.c
===================================================================
RCS file: /cvsroot/gnulib/gnulib/lib/getgroups.c,v
retrieving revision 1.8
diff -p -u -r1.8 getgroups.c
--- lib/getgroups.c     16 Oct 2003 07:30:56 -0000      1.8
+++ lib/getgroups.c     29 Oct 2003 17:23:58 -0000
@@ -43,16 +43,16 @@ getgroups (int n, GETGROUPS_T *group)
     return getgroups (n, group);
 
   n = 20;
-  gbuf = NULL;
   while (1)
     {
       /* No need to worry about address arithmetic overflow here,
         since the ancient systems that we're running on have low
         limits on the number of secondary groups.  */
-      gbuf = xrealloc (gbuf, n * sizeof (GETGROUPS_T));
+      gbuf = xmalloc (gbuf, n * sizeof *gbuf);
       n_groups = getgroups (n, gbuf);
       if (n_groups < n)
        break;
+      free (gbuf);
       n += 10;
     }
 
Index: lib/quotearg.c
===================================================================
RCS file: /cvsroot/gnulib/gnulib/lib/quotearg.c,v
retrieving revision 1.38
diff -p -u -r1.38 quotearg.c
--- lib/quotearg.c      23 Nov 2002 06:45:49 -0000      1.38
+++ lib/quotearg.c      29 Oct 2003 17:24:05 -0000
@@ -538,10 +538,8 @@ quotearg_n_options (int n, char const *a
   if (nslots <= n0)
     {
       unsigned int n1 = n0 + 1;
-      size_t s = n1 * sizeof *slotvec;
 
-      if (SIZE_MAX / UINT_MAX <= sizeof *slotvec
-         && n1 != s / sizeof *slotvec)
+      if (SIZE_MAX / sizeof *slotvec < n1)
        xalloc_die ();
 
       if (slotvec == &slotvec0)
@@ -549,7 +547,7 @@ quotearg_n_options (int n, char const *a
          slotvec = xmalloc (sizeof *slotvec);
          *slotvec = slotvec0;
        }
-      slotvec = xrealloc (slotvec, s);
+      slotvec = xrealloc (slotvec, n1 * sizeof *slotvec);
       memset (slotvec + nslots, 0, (n1 - nslots) * sizeof *slotvec);
       nslots = n1;
     }
@@ -562,7 +560,9 @@ quotearg_n_options (int n, char const *a
     if (size <= qsize)
       {
        slotvec[n].size = size = qsize + 1;
-       slotvec[n].val = val = xrealloc (val == slot0 ? 0 : val, size);
+       if (val != slot0)
+         free (val);
+       slotvec[n].val = val = xmalloc (size);
        quotearg_buffer (val, size, arg, argsize, options);
       }