[PATCH app/twm 1/2] When replacing a colormap, free old map, not new one

Walter Harms wharms at bfs.de
Thu Oct 11 19:14:32 UTC 2018



> Alan Coopersmith <alan.coopersmith at oracle.com> wrote on 30 September 2018 at 23:44:
> 
> 
> Found by Oracle's Parfait 2.2 static analyzer:
> 
> Error: Use after free
>    Use after free [use-after-free] (CWE 416):
>       Use after free of pointer Scr
>         at line 421 of src/util.c in function 'InsertRGBColormap'.
>         Invalid pointer accessible via global Scr at line 105 of src/twm.c
>           maps escapes to sc->maps at line 419 of src/util.c in function
> 'InsertRGBColormap'
>           maps freed with XFree at line 406
> 
> Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
> ---
>  src/util.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/util.c b/src/util.c
> index 8e9dab9..e254cd5 100644
> --- a/src/util.c
> +++ b/src/util.c
> @@ -403,7 +403,7 @@ InsertRGBColormap (Atom a, XStandardColormap *maps, int
> nmaps, Bool replace)
>      }
>  
>      if (replace) {			/* just update contents */
> -	if (sc->maps) XFree (maps);
> +	if (sc->maps) XFree (sc->maps);

just
         XFree (sc->maps);

is sufficient

re,
 wh
 
>  	if (sc == Scr->StdCmapInfo.mru) Scr->StdCmapInfo.mru = NULL;
>      } else {				/* else appending */
>  	sc->next = NULL;
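
Review bot: on the `+` line, `sc->maps` keeps pointing at freed memory until it is reassigned, which the analyzer report places at line 419 of src/util.c. The context line that follows only resets `Scr->StdCmapInfo.mru`, so please confirm that nothing between the `XFree (sc->maps)` call and that assignment reads `sc->maps`, or move the assignment of the new `maps` directly after the free. The commit message would also be easier to review with one sentence in plain words stating that the old code freed the caller's new `maps` and then stored it in `sc->maps`, rather than carrying only the analyzer output.
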
> -- 
> 2.15.2
> 