[PATCH 1/2] Only free pContext once when AddResource fails in ProcRecordCreateContext
Alan Coopersmith
alan.coopersmith at oracle.com
Tue Apr 19 19:20:13 PDT 2011
Since RecordDeleteContext frees its argument, don't fall through to free
it again.
Error: Double free (CWE 415)
Double free of pointer 'malloc(1072)' defined by malloc
at line 1964 of record/record.c in function 'ProcRecordCreateContext'.
Previously freed at line 1960 with RecordDeleteContext.
'malloc(1072)' was allocated at line 1926 with malloc.
[ This bug was found by the Parfait 0.3.7 bug checking tool.
For more information see http://labs.oracle.com/projects/parfait/ ]
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
---
record/record.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/record/record.c b/record/record.c
index 53be182..69fca72 100644
--- a/record/record.c
+++ b/record/record.c
@@ -1958,7 +1958,7 @@ ProcRecordCreateContext(ClientPtr client)
else
{
RecordDeleteContext((pointer)pContext, pContext->id);
- err = BadAlloc;
+ return BadAlloc;
}
bailout:
free(pContext);
--
1.7.3.2
More information about the xorg-devel
mailing list