fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2026-02-04 06:00:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

randr: Do not leak the provider property

Browse source 
When changing the RandR provider property, if the property does not
already exists, it is created.

In case of error, however, it doesn't get freed, leading to a leak of
the allocated property.

Make sure to free the RandR property in case of error if was to be
added.

Found by OpenScanHub.

Fixes: 3c3a4b767 - randr: Check for overflow in RRChangeProviderProperty()
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit c34f59ee15)

Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2041>
This commit is contained in:
Olivier Fourdan 2025-06-23 15:34:14 +02:00
parent 449b197e7e
commit 9a6399682b
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
randr/rrproviderproperty.c
View file

@ -179,8 +179,11 @@ RRChangeProviderProperty(RRProviderPtr provider, Atom property, Atom type,
if (mode == PropModeReplace || len > 0) {
void *new_data = NULL, *old_data = NULL;
if (total_len > MAXINT / size_in_bytes)
if (total_len > MAXINT / size_in_bytes) {
if (add)
RRDestroyProviderProperty(prop);
return BadValue;
}
total_size = total_len * size_in_bytes;
new_value.data = (void *) malloc(total_size);
if (!new_value.data && total_size) {