frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

randr: Do not leak the provider property 

When changing the RandR provider property, if the property does not
already exists, it is created.

In case of error, however, it doesn't get freed, leading to a leak of
the allocated property.

Make sure to free the RandR property in case of error if was to be
added.

Found by OpenScanHub.

Fixes: 3c3a4b767 - randr: Check for overflow in RRChangeProviderProperty()
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2035>
This commit is contained in:
Olivier Fourdan 2025-06-23 15:34:14 +02:00 committed by Marge Bot
parent bfd15d6e5a
commit c34f59ee15
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
randr/rrproviderproperty.c
View File

@ -182,8 +182,11 @@ RRChangeProviderProperty(RRProviderPtr provider, Atom property, Atom type,
if (mode == PropModeReplace || len > 0) {
void *new_data = NULL, *old_data = NULL;
if (total_len > MAXINT / size_in_bytes)
if (total_len > MAXINT / size_in_bytes) {
if (add)
RRDestroyProviderProperty(prop);
return BadValue;
}
total_size = total_len * size_in_bytes;
new_value.data = (void *) malloc(total_size);
if (!new_value.data && total_size) {