From ea07763d95ea3e2fcd02898087489d82fa0e1c44 Mon Sep 17 00:00:00 2001
From: "Enrico Weigelt, metux IT consult" <info@metux.net>
Date: Tue, 6 May 2025 15:56:58 +0200
Subject: [PATCH] (!1967) dix: dixfonts: explain analyzer false alarm on
 alleged free() of stack chunk

The analyzer is wrong here, because the free'd closure pointer really points
to some calloc()'d chunk, instead of the PolyText()'s stack frame.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
---
 dix/dixfonts.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/dix/dixfonts.c b/dix/dixfonts.c
index d8a451cb6..8fbcda40e 100644
--- a/dix/dixfonts.c
+++ b/dix/dixfonts.c
@@ -1348,6 +1348,10 @@ doPolyText(ClientPtr client, PTclosurePtr c)
 
         FreeScratchGC(c->pGC);
         free(c->data);
+
+        /* if compiler/ananylzer warns here, it's a false alarm:
+           here `c` points to a calloc()ed chunk, not the on-stack struct
+           from PolyText(). */
         free(c);
     }
     return TRUE;
@@ -1494,6 +1498,9 @@ doImageText(ClientPtr client, ITclosurePtr c)
 
         FreeScratchGC(c->pGC);
         free(c->data);
+        /* if compiler/ananylzer warns here, it's a false alarm:
+           here `c` points to a calloc()ed chunk, not the on-stack struct
+           from PolyText(). */
         free(c);
     }
     return TRUE;