From 18ecd521b90b8189c7ef321190b6c9110cf5f156 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Kugland?= <kugland@gmail.com>
Date: Wed, 13 May 2026 16:47:45 -0300
Subject: [PATCH] fix: check *ret instead of ret in xvasprintf error path

ret is the address of a local char* and is never NULL, so the OOM
branch was dead. Test len == -1 first to short-circuit, since per
vasprintf(3) the contents of *strp are undefined on error on GNU;
the *ret == NULL check then covers the FreeBSD case, where the
implementation sets strp to NULL on error.
---
 darkhttpd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/darkhttpd.c b/darkhttpd.c
index bcfb248..471fd6c 100644
--- a/darkhttpd.c
+++ b/darkhttpd.c
@@ -434,7 +434,7 @@ static unsigned int xvasprintf(char **ret, const char *format, va_list ap)
     __printflike(2,0);
 static unsigned int xvasprintf(char **ret, const char *format, va_list ap) {
     int len = vasprintf(ret, format, ap);
-    if (ret == NULL || len == -1)
+    if (len == -1 || *ret == NULL)
         errx(1, "out of memory in vasprintf()");
     return (unsigned int)len;
 }