[PATCH 4/5] kinput: allocate enough space for null character.

Dave Airlie airlied at gmail.com
Wed Oct 19 09:01:46 PDT 2011


From: Dave Airlie <airlied at redhat.com>

this code wasn't allocating enough space and was assigning the NULL
one past the end.

Pointed out by coverity.

Signed-off-by: Dave Airlie <airlied at redhat.com>
---
 hw/kdrive/src/kinput.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/hw/kdrive/src/kinput.c b/hw/kdrive/src/kinput.c
index c14dd82..977131c 100644
--- a/hw/kdrive/src/kinput.c
+++ b/hw/kdrive/src/kinput.c
@@ -1054,7 +1054,7 @@ KdGetOptions (InputOption **options, char *string)
     if (strchr(string, '='))
     {
         tam_key = (strchr(string, '=') - string);
-        newopt->key = (char *)malloc(tam_key);
+        newopt->key = (char *)malloc(tam_key + 1);
         strncpy(newopt->key, string, tam_key);
         newopt->key[tam_key] = '\0';
         newopt->value = strdup(strchr(string, '=') + 1);
-- 
1.7.6.4



More information about the xorg-devel mailing list