From d9fe21f17f8c392a602773fa36b0814a0c672761 Mon Sep 17 00:00:00 2001
From: AndreyL ProductEngine <alihatskiy@productengine.com>
Date: Wed, 7 Jun 2017 19:30:32 +0300
Subject: [PATCH] MAINT-6697 More nullchecks for zip/unzip functions

---
 indra/llcommon/llsdserialize.cpp | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/indra/llcommon/llsdserialize.cpp b/indra/llcommon/llsdserialize.cpp
index 41cdb14886..0568a639a0 100644
--- a/indra/llcommon/llsdserialize.cpp
+++ b/indra/llcommon/llsdserialize.cpp
@@ -2092,6 +2092,12 @@ std::string zip_llsd(LLSD& data)
 
 			have = CHUNK-strm.avail_out;
 			output = (U8*) realloc(output, cur_size+have);
+			if (output == NULL)
+			{
+				LL_WARNS() << "Failed to compress LLSD block: can't reallocate memory, current size: " << cur_size << " bytes; requested " << cur_size + have << " bytes." << LL_ENDL;
+				deflateEnd(&strm);
+				return std::string();
+			}
 			memcpy(output+cur_size, out, have);
 			cur_size += have;
 		}
@@ -2179,7 +2185,6 @@ bool unzip_llsd(LLSD& data, std::istream& is, S32 size)
 		{
 			LL_WARNS() << "Failed to unzip LLSD block: can't reallocate memory, current size: " << cur_size << " bytes; requested " << cur_size + have << " bytes." << LL_ENDL;
 			inflateEnd(&strm);
-			free(result);
 			delete[] in;
 			return false;
 		}
@@ -2275,6 +2280,14 @@ U8* unzip_llsdNavMesh( bool& valid, unsigned int& outsize, std::istream& is, S32
 		U32 have = CHUNK-strm.avail_out;
 
 		result = (U8*) realloc(result, cur_size + have);
+		if (result == NULL)
+		{
+			LL_WARNS() << "Failed to unzip LLSD NavMesh block: can't reallocate memory, current size: " << cur_size << " bytes; requested " << cur_size + have << " bytes." << LL_ENDL;
+			inflateEnd(&strm);
+			delete[] in;
+			valid = false;
+			return NULL;
+		}
 		memcpy(result+cur_size, out, have);
 		cur_size += have;
 
-- 
GitLab