[Spice-devel] [PATCH spice-common] region: Avoid possible memory corruption

Frediano Ziglio fziglio at redhat.com
Tue Feb 28 14:53:27 UTC 2017


pixman_region32_copy assumes that destination (first argument)
is initialized and can use a pointer inside based on different
conditions.
As intersection is not initialized this can cause different
memory problems.
This resulted in memory leak detection from address sanitizer.

Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
---
 common/region.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/common/region.c b/common/region.c
index 14a27ed..e9abb32 100644
--- a/common/region.c
+++ b/common/region.c
@@ -452,6 +452,7 @@ void region_xor(QRegion *rgn, const QRegion *other_rgn)
 {
     pixman_region32_t intersection;
 
+    pixman_region32_init(&intersection);
     pixman_region32_copy(&intersection, rgn);
     pixman_region32_intersect(&intersection,
                               &intersection,
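
Review bot: the return value of pixman_region32_copy(&intersection, rgn), on the line right after the added init call, is still ignored. The function returns a pixman_bool_t and can fail when it has to allocate, so region_xor would carry on intersecting a region that was never copied; consider checking the result or documenting why failure is acceptable here. The visible context also does not show a matching pixman_region32_fini(&intersection), so it is worth confirming that the function releases it on every path. Finally, the subject says "memory corruption" while the message reports a leak detection from address sanitizer; one sentence in the commit message tying the uninitialized data pointer to the report would make the history easier to follow.
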
-- 
2.9.3


