~/sources/lib/charcnv.c: Line: 254 destlen = destlen - o_len; *dest = (char *)Realloc(ob,destlen); if (!*dest) { DEBUG(0, ("convert_string_allocate: out of memory!\n")); SAFE_FREE(ob); return (size_t)-1; } Example: Assume destlen == 0 Realloc will free the original pointer, and the !*dest will free it again.
SAFE_FREE() correctly handles NULL pointers so this won't cause a crash or memory corruption, but I've added a check just the same (if (destlen && !*dest) {} )
Elrond gave it the ok.
originally reported against 3.0alpha23. Bugzilla spring cleaning.