Merge branch 'jk/xrealloc-avoid-use-after-free'

It was possible for xrealloc() to send a non-NULL pointer that has
been freed, which has been fixed.

* jk/xrealloc-avoid-use-after-free:
  xrealloc: do not reuse pointer freed by zero-length realloc()

wrapper.c

@@ -117,10 +117,13 @@ void *xrealloc(void *ptr, size_t size)
 {
 	void *ret;
 
+	if (!size) {
+		free(ptr);
+		return xmalloc(0);
+	}
+
 	memory_limit_check(size, 0);
 	ret = realloc(ptr, size);
-	if (!ret && !size)
-		ret = realloc(ptr, 1);
 	if (!ret)
 		die("Out of memory, realloc failed");
 	return ret;