From 9ec66f059462d7024eee608ba72dddb26ae0efd3 Mon Sep 17 00:00:00 2001
From: Norman Feske <norman.feske@genode-labs.com>
Date: Tue, 7 Jan 2020 15:58:52 +0100
Subject: [PATCH] allocator_avl: simplify structure

This patch changes the code of '_alloc_two_blocks_metadata' to not
leak the result of a partial allocation in the out parameters of
the method. This eases the reasoning about the absence of a
use-atfer-free problem (there was none).
---
 repos/base/src/lib/base/allocator_avl.cc | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/repos/base/src/lib/base/allocator_avl.cc b/repos/base/src/lib/base/allocator_avl.cc
index a176db06a..39fc615be 100644
--- a/repos/base/src/lib/base/allocator_avl.cc
+++ b/repos/base/src/lib/base/allocator_avl.cc
@@ -107,13 +107,21 @@ Allocator_avl_base::Block *Allocator_avl_base::_alloc_block_metadata()
 
 bool Allocator_avl_base::_alloc_two_blocks_metadata(Block **dst1, Block **dst2)
 {
-	*dst1 = _alloc_block_metadata();
-	*dst2 = _alloc_block_metadata();
+	Block * const b1 = _alloc_block_metadata();
+	Block * const b2 = _alloc_block_metadata();
 
-	if (!*dst1 && *dst2) _md_alloc->free(*dst2, sizeof(Block));
-	if (!*dst2 && *dst1) _md_alloc->free(*dst1, sizeof(Block));
+	if (b1 && b2) {
+		*dst1 = b1;
+		*dst2 = b2;
+		return true;
+	}
 
-	return (*dst1 && *dst2);
+	*dst1 = *dst2 = nullptr;
+
+	if (b2) _md_alloc->free(b2, sizeof(Block));
+	if (b1) _md_alloc->free(b1, sizeof(Block));
+
+	return false;
 }