the current x_realloc() does:

    void *x_realloc(void *ptr, size_t size)
    {
        void *p2;
        if (!ptr) return x_malloc(size);
        p2 = malloc(size);
        if (!p2) {
            fatal("out of memory in x_realloc");
        }
        if (ptr) {
            /* copies "size" bytes out of ptr even when the old block is smaller */
            memcpy(p2, ptr, size);
            free(ptr);
        }
        return p2;
    }

there are multiple issues here:

- the old pointer "ptr" has "size" bytes read from it, but there's no guarantee that the old buffer is larger than the new size
- the second "if (ptr)" check is useless ... it already did a "if (!ptr)" at the top

since the first issue can't be fixed without tagging every alloc with custom information, the easiest answer is to do:

    void *x_realloc(void *ptr, size_t size)
    {
        void *p2 = realloc(ptr, size);
        if (!p2) fatal("out of memory in x_realloc");
        return p2;
    }
This bug was fixed in 52a9cd8eb8a69f9dc6944c047faf112b7137a07b.
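An added example, not code from the project or the report above: a wrapper written the way the report recommends (letting realloc() do the copy, so at most min(old size, new size) bytes are ever read from the old block), plus a round-trip check that grows, shrinks and zero-sizes a buffer. The function names, the size-0 handling and the sample data are this example's own assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the project's fatal(): report and exit. */
static void fatal_oom(const char *where)
{
    fprintf(stderr, "out of memory in %s\n", where);
    exit(EXIT_FAILURE);
}

/* realloc wrapper in the shape the report proposes. realloc(NULL, n) acts as
 * malloc(n), and realloc itself copies only the bytes that exist in the old
 * block, so the over-read of the original x_realloc cannot happen. */
void *xrealloc_safe(void *ptr, size_t size)
{
    /* Assumption of this example: realloc(ptr, 0) is implementation-defined
     * (it may free ptr and return NULL, which here would look like an
     * allocation failure), so always request at least one byte. */
    if (size == 0)
        size = 1;
    void *p2 = realloc(ptr, size);
    if (!p2)
        fatal_oom("xrealloc_safe");
    return p2;
}

/* Grow, shrink and zero-size a buffer, checking the surviving prefix each
 * time. Returns 1 when every check passes, 0 on the first mismatch. */
int check_realloc_roundtrip(void)
{
    const char pattern[] = "0123456789abcdef";   /* constructed sample data */
    char *buf = xrealloc_safe(NULL, 8);
    memcpy(buf, pattern, 8);

    buf = xrealloc_safe(buf, 32);                /* grow: first 8 bytes kept */
    if (memcmp(buf, pattern, 8) != 0) { free(buf); return 0; }
    memcpy(buf, pattern, 16);

    buf = xrealloc_safe(buf, 4);                 /* shrink: only 4 bytes stay valid */
    if (memcmp(buf, pattern, 4) != 0) { free(buf); return 0; }

    buf = xrealloc_safe(buf, 0);                 /* zero size: still a usable pointer */
    if (buf == NULL) return 0;
    free(buf);
    return 1;
}
```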