[Lcdproc] [PATCH] Memory leaks / NULL pointer dereference on malloc() failure in widget.c
Andre Guibert de Bruet
andy at siliconlandmark.com
Sun Dec 14 08:36:48 UTC 2008
On Dec 14, 2008, at 5:05 AM, Peter Marschall wrote:
> On Saturday, 13. December 2008, Andre Guibert de Bruet wrote:
>> I came across a couple of problems in widget_create(). On a system
>> with sufficient memory (Common case scenario), the function works as
>> expected. Under tight memory conditions, the function doesn't fare so
>> well:
>>
>> * When strdup() fails the allocation of w->id, the function returns
>> NULL. We previously allocated w, which doesn't get free()'ed before
>> the return statement.
>>
>> * frame_name is used without checking if the returned pointer is
>> NULL.
>> My fix adds a debug report() call, the freeing of w->id and w, as
>> well
>> as causing the function to return NULL, much like the other
>> allocation
>> failures.
>>
>> Could you commit the attached patch upon review?
>
> Yepp.
> Thanks for the patch.
>
> I found another leak in widget_create,which I plugged as well.
> In addition to that I reset free()'d pointers to NULL in
> widget_destroy() and documented the methods with Doxygen.
>
> To make it more complete I did the same in server/screen.c
>
> Please test.
Looks good except for one tiny change in screen.c (See attached patch).
Cheers,
/* Andre Guibert de Bruet * 436f 6465 2070 6f65 742e 2042 6974 206a */
/* Managing Partner * 6f63 6b65 792e 2053 7973 4164 6d69 6e2e */
/* GSM: +1 734 846 8758 * 2055 4e49 5820 736c 6575 7468 2e00 0000 */
/* WWW: siliconlandmark.com * C/C++, Java, Perl, PHP, SQL, XHTML, XML */
-------------- next part --------------
A non-text attachment was scrubbed...
Name: screen.patch
Type: application/octet-stream
Size: 489 bytes
Desc: not available
URL: <http://lists.omnipotent.net/pipermail/lcdproc/attachments/20081214/489c0be6/attachment.obj>
-------------- next part --------------
More information about the LCDproc
mailing list