From e2f5d079ddb22a10a52731330309cd5c32128c21 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sat, 4 Jul 2015 00:11:59 +0200
Subject: nx-X11: Backport: RRModeCreate: plug memory leak of newModes if
 AddResource fails

Reported by parfait 1.0:

Error: Memory leak (CWE 401)
   Memory leak of pointer 'newModes' allocated with realloc(((char*)modes), ((num_modes + 1) * 8))
        at line 93 of randr/rrmode.c in function 'RRModeCreate'.
          pointer allocated at line 82 with realloc(((char*)modes), ((num_modes + 1) * 8)).
Error: Memory leak (CWE 401)
   Memory leak of pointer 'newModes' allocated with malloc(8)
        at line 93 of randr/rrmode.c in function 'RRModeCreate'.
          pointer allocated at line 84 with malloc(8).

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Keith Packard <keithp@keithp.com>

Backported from Arctica GH 3.6.x branch.

v2: backport to nx-libs 3.6.x (Ulrich Sibiller)
v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
---
 debian/changelog                                   |  6 ++++
 ...deCreate-plug-memory-leak-of-newMode.full.patch | 42 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 49 insertions(+)
 create mode 100644 debian/patches/1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch

diff --git a/debian/changelog b/debian/changelog
index 7b82e2d3a..62a064cbb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -293,6 +293,12 @@ nx-libs (2:3.5.0.32-0x2go1) UNRELEASED; urgency=low
     v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
     Adds:
     - 1254_nx-X11_randr-fix-server-crash-in-RRGetScreenInf.full.patch
+  * nx-X11: RRModeCreate: plug memory leak of newModes if AddResource fails
+    Backported from Arctica GH 3.6.x branch.
+    v2: backport to nx-libs 3.6.x (Ulrich Sibiller)
+    v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
+    Adds:
+    - 1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch
 
  -- X2Go Release Manager <git-admin@x2go.org>  Tue, 17 Mar 2015 19:19:32 +0100
 
diff --git a/debian/patches/1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch b/debian/patches/1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch
new file mode 100644
index 000000000..f33dce9c2
--- /dev/null
+++ b/debian/patches/1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch
@@ -0,0 +1,42 @@
+commit 0fc419314b3bbafa873207dafa57ce92b4b9e1e1
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Sat Jul 14 11:21:15 2012 -0700
+
+    Backport: RRModeCreate: plug memory leak of newModes if AddResource fails
+
+    Reported by parfait 1.0:
+
+    Error: Memory leak (CWE 401)
+       Memory leak of pointer 'newModes' allocated with realloc(((char*)modes), ((num_modes + 1) * 8))
+            at line 93 of randr/rrmode.c in function 'RRModeCreate'.
+              pointer allocated at line 82 with realloc(((char*)modes), ((num_modes + 1) * 8)).
+    Error: Memory leak (CWE 401)
+       Memory leak of pointer 'newModes' allocated with malloc(8)
+            at line 93 of randr/rrmode.c in function 'RRModeCreate'.
+              pointer allocated at line 84 with malloc(8).
+
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+    Reviewed-by: Keith Packard <keithp@keithp.com>
+
+    Backported from Arctica GH 3.6.x branch.
+
+    v2: backport to nx-libs 3.6.x (Ulrich Sibiller)
+    v3: backport to nx-libs 3.5.0.x (Mihai Moldovan)
+
+diff --git a/nx-X11/programs/Xserver/randr/rrmode.c b/nx-X11/programs/Xserver/randr/rrmode.c
+index 09c0113..43ffe07 100644
+--- a/nx-X11/programs/Xserver/randr/rrmode.c
++++ b/nx-X11/programs/Xserver/randr/rrmode.c
+@@ -98,8 +98,10 @@ RRModeCreate (xRRModeInfo   *modeInfo,
+     }
+ 
+     mode->mode.id = FakeClientID(0);
+-    if (!AddResource (mode->mode.id, RRModeType, (pointer) mode))
+-	return NULL;
++    if (!AddResource(mode->mode.id, RRModeType, (pointer) mode)) {
++        free(newModes);
++        return NULL;
++    }
+     modes = newModes;
+     modes[num_modes++] = mode;
+     
diff --git a/debian/patches/series b/debian/patches/series
index 8169c803a..95e6985a9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -141,6 +141,7 @@
 1252_nx-X11_Free-randr-crtc-and-output-pointer-array.full.patch
 1253_nx-X11_randr-check-for-virtual-size-limits-befo.full.patch
 1254_nx-X11_randr-fix-server-crash-in-RRGetScreenInf.full.patch
+1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch
 9900-dxpc-license-history.full+lite.patch
 0016_nx-X11_install-location.debian.patch
 0102_xserver-xext_set-securitypolicy-path.debian.patch
-- 
cgit v1.2.3