[PATCH:xsetroot] Only use results from GetWindowProperty if it returned success

Hans de Goede hdegoede at redhat.com
Mon Jan 5 07:01:24 PST 2015 

Hi,

On 03-01-15 23:30, Alan Coopersmith wrote:
> Since Xlib prior to 1.6 didn't always clear values on failure, don't
> assume they're safe to use unless we succeeded.
>
> Reported by Oracle Parfait 1.5.1:
> Error: Uninitialised memory (CWE 456)
>     Possible access to uninitialised memory '&after'
>          at line 328 of xsetroot.c in function 'FixupState'.
>            &after allocated at line 317.
>     Possible access to uninitialised memory '&data'
>          at line 330 of xsetroot.c in function 'FixupState'.
>            &data allocated at line 318.
>     Possible access to uninitialised memory '&format'
>          at line 328 of xsetroot.c in function 'FixupState'.
>            &format allocated at line 316.
>     Possible access to uninitialised memory '&length'
>          at line 328 of xsetroot.c in function 'FixupState'.
>            &length allocated at line 317.
>     Possible access to uninitialised memory '&type'
>          at line 328 of xsetroot.c in function 'FixupState'.
>            &type allocated at line 315.
>          at line 331 of xsetroot.c in function 'FixupState'.
>            &type allocated at line 315.
>
> Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>

Looks good:

Reviewed-by: Hans de Goede <hdegoede at redhat.com>

Regards,

Hans

> ---
>   xsetroot.c |   11 +++++++----
>   1 file changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/xsetroot.c b/xsetroot.c
> index 56ce741..5f142e1 100644
> --- a/xsetroot.c
> +++ b/xsetroot.c
> @@ -331,10 +331,13 @@ FixupState(void)
>   	return;
>       prop = XInternAtom(dpy, "_XSETROOT_ID", False);
>       if (unsave_past) {
> -	(void)XGetWindowProperty(dpy, root, prop, 0L, 1L, True, AnyPropertyType,
> -				 &type, &format, &length, &after, &data);
> -	if ((type == XA_PIXMAP) && (format == 32) &&
> -	    (length == 1) && (after == 0))
> +	if (XGetWindowProperty(dpy, root, prop, 0L, 1L, True, AnyPropertyType,
> +		       &type, &format, &length, &after, &data) != Success)
> +	    fprintf(stderr,
> +		    "%s: warning: cannot get _XSETROOT_ID property from root window\n",
> +		    program_name);
> +	else if ((type == XA_PIXMAP) && (format == 32) &&
> +		 (length == 1) && (after == 0))
>   	    XKillClient(dpy, *((Pixmap *)data));
>   	else if (type != None)
>   	    fprintf(stderr, "%s: warning: _XSETROOT_ID property is garbage\n",
>

More information about the xorg-devel mailing list