[PATCH] kdrive: check for null memory, fix OOB
Peter Hutterer
peter.hutterer at who-t.net
Mon Oct 24 19:59:27 PDT 2011
If key/value allocation failed, don't bother adding another InputOption. And
make sure the memory allocated is large enough for the trailing \0
Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
---
hw/kdrive/src/kinput.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/hw/kdrive/src/kinput.c b/hw/kdrive/src/kinput.c
index a1bbcaa..6a1ce49 100644
--- a/hw/kdrive/src/kinput.c
+++ b/hw/kdrive/src/kinput.c
@@ -1049,10 +1049,15 @@ KdGetOptions (InputOption **options, char *string)
if (strchr(string, '='))
{
tam_key = (strchr(string, '=') - string);
- key = malloc(tam_key);
+ key = malloc(tam_key + 1);
+ if (!key)
+ goto out;
+
strncpy(key, string, tam_key);
key[tam_key] = '\0';
value = strdup(strchr(string, '=') + 1);
+ if (!value)
+ goto out;
}
else
{
@@ -1064,6 +1069,7 @@ KdGetOptions (InputOption **options, char *string)
if (newopt)
*options = newopt;
+out:
free(key);
free(value);
--
1.7.7
More information about the xorg-devel
mailing list