[PATCH v2 20/25] [libx11] info_list->watch_data was being reallocated, but the return value of the reallocation was stored only into a local variable. This might cause some funky behavior and crashes.
Alan Coopersmith
alan.coopersmith at oracle.com
Tue Feb 1 00:19:29 PST 2011
On 01/31/11 04:02 AM, Erkki Seppälä wrote:
> From: Ander Conselvan de Oliveira <ander.conselvan-de-oliveira at nokia.com>
>
> Variable "wd_array" goes out of scope Value "wd_array" is overwritten in "wd_array = (XPointer*)realloc((char*)info_list->watch_data, (((dpy->watcher_count + 1) * 4U == 0U) ? 1U : ((dpy->watcher_count + 1) * 4U)))"
>
> Reviewed-by: Erkki Seppälä <erkki.seppala at vincit.fi>
> Signed-off-by: Ander Conselvan de Oliveira <ander.conselvan-de-oliveira at nokia.com>
> Signed-off-by: Erkki Seppälä <erkki.seppala at vincit.fi>
> ---
> src/XlibInt.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/src/XlibInt.c b/src/XlibInt.c
> index 52ccff1..3d13747 100644
> --- a/src/XlibInt.c
> +++ b/src/XlibInt.c
> @@ -662,6 +662,7 @@ XAddConnectionWatch(
> UnlockDisplay(dpy);
> return 0;
> }
> + info_list->watch_data = wd_array;
> wd_array[dpy->watcher_count] = NULL; /* for cleanliness */
> }
>
For the code:
Reviewed-by: Alan Coopersmith <alan.coopersmith at oracle.com>
(and damn that seems like a good catch that seems to go back to at least R6.6)
but the log entry needs a much shorter summary/subject/shortlog on the first line.
--
-Alan Coopersmith- alan.coopersmith at oracle.com
Oracle Solaris Platform Engineering: X Window System
More information about the xorg-devel
mailing list