[PATCH 01/32] [libx11] Using freed pointer "e"
Peter Hutterer
peter.hutterer at who-t.net
Sun Feb 13 14:35:10 PST 2011
On Sun, Feb 13, 2011 at 12:00:10AM +0100, Mark Kettenis wrote:
> > Reordered code to first to do the comparison and then to release data
>
> Your static analysis tool isn't all that good. Using the value of a
> pointer after freeing the storage it points to is totally fine.
I disagree. It's _technically_ fine, but I'd consider any code actually
doing this as buggy.
quite frankly, in this particular case I'd even be in favour of setting e to
NULL after XFree, just to make sure.
Cheers,
Peter
> > ---
> > src/XlibInt.c | 4 ++--
> > 1 files changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/src/XlibInt.c b/src/XlibInt.c
> > index d55c26a..c385f4c 100644
> > --- a/src/XlibInt.c
> > +++ b/src/XlibInt.c
> > @@ -777,10 +777,10 @@ _XFreeEventCookies(Display *dpy)
> > head = (struct stored_event**)&dpy->cookiejar;
> >
> > DL_FOREACH_SAFE(*head, e, tmp) {
> > - XFree(e->ev.data);
> > - XFree(e);
> > if (dpy->cookiejar == e)
> > dpy->cookiejar = NULL;
> > + XFree(e->ev.data);
> > + XFree(e);
> > }
> > }
More information about the xorg-devel
mailing list