From 83445aa080fc4178fb8d44a549c3f307dafe35d6 Mon Sep 17 00:00:00 2001
From: "Enrico Weigelt, metux IT consult" <info@metux.net>
Date: Tue, 6 May 2025 15:56:58 +0200
Subject: [PATCH] (!1967) dix: dixfonts: explain analyzer false alarm on
 alleged free() of stack chunk

The analyzer is wrong here, because the free'd closure pointer really points
to some calloc()'d chunk, instead of the PolyText()'s stack frame.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
---
 dix/dixfonts.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/dix/dixfonts.c b/dix/dixfonts.c
index e7a0f2716..b35ba75d2 100644
--- a/dix/dixfonts.c
+++ b/dix/dixfonts.c
@@ -1348,6 +1348,10 @@ doPolyText(ClientPtr client, PTclosurePtr c)
 
         FreeScratchGC(c->pGC);
         free(c->data);
+
+        /* if compiler/ananylzer warns here, it's a false alarm:
+           here `c` points to a calloc()ed chunk, not the on-stack struct
+           from PolyText(). */
         free(c);
     }
     return TRUE;
@@ -1494,6 +1498,9 @@ doImageText(ClientPtr client, ITclosurePtr c)
 
         FreeScratchGC(c->pGC);
         free(c->data);
+        /* if compiler/ananylzer warns here, it's a false alarm:
+           here `c` points to a calloc()ed chunk, not the on-stack struct
+           from PolyText(). */
         free(c);
     }
     return TRUE;