From 5aef8b67b14b9fe4aaf6f8463906093b288a8ee3 Mon Sep 17 00:00:00 2001
From: Charlie Gordon <github@chqrlie.org>
Date: Sat, 16 Mar 2024 08:51:58 +0100
Subject: [PATCH] fix potential memory leak (#318)

- fix memory leak in `js_std_file_printf`
- fix `errno` clobber in `js_os_stat`
---
 quickjs-libc.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/quickjs-libc.c b/quickjs-libc.c
index 0e618c0..0eeb83f 100644
--- a/quickjs-libc.c
+++ b/quickjs-libc.c
@@ -172,7 +172,7 @@ static JSValue js_printf_internal(JSContext *ctx,
     uint8_t cbuf[UTF8_CHAR_LEN_MAX+1];
     JSValue res;
     DynBuf dbuf;
-    const char *fmt_str;
+    const char *fmt_str = NULL;
     const uint8_t *fmt, *fmt_end;
     const uint8_t *p;
     char *q;
@@ -377,6 +377,7 @@ static JSValue js_printf_internal(JSContext *ctx,
     return res;
 
 fail:
+    JS_FreeCString(ctx, fmt_str);
     dbuf_free(&dbuf);
     return JS_EXCEPTION;
 }
@@ -2529,12 +2530,11 @@ static JSValue js_os_stat(JSContext *ctx, JSValue this_val,
     else
         res = stat(path, &st);
 #endif
+    err = (res < 0) ? errno : 0;
     JS_FreeCString(ctx, path);
     if (res < 0) {
-        err = errno;
         obj = JS_NULL;
     } else {
-        err = 0;
         obj = JS_NewObject(ctx);
         if (JS_IsException(obj))
             return JS_EXCEPTION;
@@ -3499,11 +3499,12 @@ static JSValue js_worker_postMessage(JSContext *ctx, JSValue this_val,
     memcpy(msg->data, data, data_len);
     msg->data_len = data_len;
 
-    msg->sab_tab = malloc(sizeof(msg->sab_tab[0]) * sab_tab_len);
-    if (!msg->sab_tab)
-        goto fail;
-    if (sab_tab_len > 0)
+    if (sab_tab_len > 0) {
+        msg->sab_tab = malloc(sizeof(msg->sab_tab[0]) * sab_tab_len);
+        if (!msg->sab_tab)
+            goto fail;
         memcpy(msg->sab_tab, sab_tab, sizeof(msg->sab_tab[0]) * sab_tab_len);
+    }
     msg->sab_tab_len = sab_tab_len;
 
     js_free(ctx, data);