fdo-mirrors/xorg-libx11
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/lib/libx11.git synced 2026-05-23 05:08:15 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
xorg-libx11/modules
History
José Expósito 4f5541193d Fix use of uninitialized variable in _XimTriggerNotify 
`_XimRead()` is being called with `reply` as target buffer instead of
using `preply`, accessing uninitialized memory a few lines later.

This error has been found by a static analysis tool. This is the report:

    Error: UNINIT (CWE-457):
    libX11-1.8.7/modules/im/ximcp/imDefLkup.c:561: alloc_fn:
      Calling "malloc" which returns uninitialized memory.
    libX11-1.8.7/modules/im/ximcp/imDefLkup.c:561: assign:
      Assigning: "preply" = "malloc((size_t)((len == 0) ? 1 : len))",
      which points to uninitialized data.
    libX11-1.8.7/modules/im/ximcp/imDefLkup.c:573: uninit_use:
      Using uninitialized value "*((CARD8 *)preply)".
    #  571|       }
    #  572|       buf_s = (CARD16 *)((char *)preply + XIM_HEADER_SIZE);
    #  573|->     if (*((CARD8 *)preply) == XIM_ERROR) {
    #  574|           _XimProcError(im, 0, (XPointer)&buf_s[3]);
    #  575|           if(reply != preply)

Signed-off-by: José Expósito <jexposit@redhat.com>
Part-of: <https://gitlab.freedesktop.org/xorg/lib/libx11/-/merge_requests/250>
2024-05-07 08:54:50 +00:00
..
im Fix use of uninitialized variable in _XimTriggerNotify 2024-05-07 08:54:50 +00:00
lc unifdef Lynx 2024-02-20 17:05:50 -08:00
om Avoid NULL pointer deref. Fixes issue #47. 2021-12-03 02:56:43 +00:00
Makefile.am Add missing Makefile.am to lib/X11/modules 2005-07-15 04:27:32 +00:00