From c389f28af049dc0358528f2797a93a6f74a9dd97 Mon Sep 17 00:00:00 2001 From: "Enrico Weigelt, metux IT consult" Date: Tue, 6 May 2025 16:15:29 +0200 Subject: [PATCH] os: util: protect set_font_authorizations() from allocation failure MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit | ../os/utils.c: In function ‘set_font_authorizations’: | ../os/utils.c:863:14: warning: dereference of possibly-NULL ‘result’ [CWE-690] [-Wanalyzer-possible-null-dereference] | 863 | *p++ = sizeof(AUTHORIZATION_NAME) >> 8; | | ~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Enrico Weigelt, metux IT consult --- os/utils.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/os/utils.c b/os/utils.c index c223093d9..5be17d264 100644 --- a/os/utils.c +++ b/os/utils.c @@ -817,7 +817,9 @@ set_font_authorizations(char **authorizations, int *authlen, void *client) #endif len = strlen(hnameptr) + 1; - result = malloc(len + sizeof(AUTHORIZATION_NAME) + 4); + result = calloc(1, len + sizeof(AUTHORIZATION_NAME) + 4); + if (!result) + return 0; p = result; *p++ = sizeof(AUTHORIZATION_NAME) >> 8;