diff --git a/src/attributes/dict.c b/src/attributes/dict.c index f95555734..666742286 100644 --- a/src/attributes/dict.c +++ b/src/attributes/dict.c @@ -135,7 +135,13 @@ static void dict_upgrade(attrib **alist, attrib *abegin) { assert(!"invalid input"); } if (i == 4) { - keys = realloc(keys, sizeof(int) * (n + i + 1)); + int *k; + k = realloc(keys, sizeof(int) * (n + i + 1)); + if (!k) { + free(keys); + abort(); + } + keys = k; memcpy(keys + n + 1, val, sizeof(val)); n += i; i = 0; diff --git a/src/attributes/key.c b/src/attributes/key.c index 00f81a80e..61bbb4599 100644 --- a/src/attributes/key.c +++ b/src/attributes/key.c @@ -123,8 +123,14 @@ static int a_readkeys(attrib * a, void *owner, gamedata *data) { if (e != n) { int sz = keys_size(n); if (e > sz) { + int *k; sz = keys_size(e); - keys = realloc(keys, sizeof(int)*(2 * sz + 1)); + k = realloc(keys, sizeof(int)*(2 * sz + 1)); + if (!k) { + free(keys); + abort(); + } + keys = k; keys[0] = e; } } diff --git a/src/kernel/alliance.c b/src/kernel/alliance.c index 910670d10..34a3ed62f 100644 --- a/src/kernel/alliance.c +++ b/src/kernel/alliance.c @@ -89,7 +89,8 @@ alliance *new_alliance(int id, const char *name) { al->flags |= ALF_NON_ALLIED; } al->next = alliances; - return alliances = al; + alliances = al; + return al; } alliance *findalliance(int id) diff --git a/src/kernel/item.c b/src/kernel/item.c index fdc9b45d1..6c5286813 100644 --- a/src/kernel/item.c +++ b/src/kernel/item.c @@ -340,8 +340,10 @@ void it_set_appearance(item_type *itype, const char *appearance) { assert(itype); assert(itype->rtype); if (appearance) { + char plural[32]; itype->_appearance[0] = strdup(appearance); - itype->_appearance[1] = strcat(strcpy((char *)malloc(strlen((char *)appearance) + 3), (char *)appearance), "_p"); + snprintf(plural, "%29s_p", appearance); + itype->_appearance[1] = strdup(plural); } else { itype->_appearance[0] = 0; itype->_appearance[1] = 0; diff --git a/src/util/attrib.c b/src/util/attrib.c index b6214fdd6..10ec660f8 100644 --- a/src/util/attrib.c +++ b/src/util/attrib.c @@ -119,7 +119,12 @@ int a_readstring(attrib * a, void *owner, struct gamedata *data) do { e = READ_STR(data->store, buf, sizeof(buf)); if (result) { - result = realloc(result, len + DISPLAYSIZE - 1); + char *tmp = realloc(result, len + DISPLAYSIZE - 1); + if (!tmp) { + free(result); + abort(); + } + result = tmp; strcpy(result + len, buf); len += DISPLAYSIZE - 1; } diff --git a/src/util/message.c b/src/util/message.c index c5285835e..9056ee139 100644 --- a/src/util/message.c +++ b/src/util/message.c @@ -61,7 +61,7 @@ arg_type *find_argtype(const char *name) message_type *mt_new(const char *name, const char *args[]) { int i, nparameters = 0; - message_type *mtype = (message_type *)malloc(sizeof(message_type)); + message_type *mtype; assert(name != NULL); if (name == NULL) { @@ -72,6 +72,7 @@ message_type *mt_new(const char *name, const char *args[]) /* count the number of parameters */ while (args[nparameters]) ++nparameters; } + mtype = (message_type *)malloc(sizeof(message_type)); mtype->key = 0; mtype->name = strdup(name); mtype->nparameters = nparameters; @@ -143,13 +144,14 @@ static void free_arg(const arg_type * atype, variant data) message *msg_create(const struct message_type *mtype, variant args[]) { int i; - message *msg = (message *)malloc(sizeof(message)); + message *msg; assert(mtype != NULL); if (mtype == NULL) { log_error("Trying to create message with type=0x0\n"); return NULL; } + msg = (message *)malloc(sizeof(message)); msg->type = mtype; msg->parameters = (variant *)(mtype->nparameters ? calloc(mtype->nparameters, sizeof(variant)) : NULL); msg->refcount = 1;