From 39c6e5aa859c633fcb48e299643bb0189f333a0d Mon Sep 17 00:00:00 2001 From: Thomas Klausner Date: Tue, 25 Jun 2013 22:35:29 +0200 Subject: Tighten out-of-range comparisons. [For all of these, LONG_MAX was the correct value to prevent overflows for the recent CVEs. Lowering to INT_MAX catches buggy replies from the server that 32-bit clients would reject but 64-bit would accept, so we catch bugs sooner, and really, no sane & working server should ever report more than 2gb of extension names, font path entries, key modifier maps, etc. -alan- ] Reviewed-by: Alan Coopersmith Signed-off-by: Alan Coopersmith Backported-to-NX-by: Ulrich Sibiller --- nx-X11/lib/X11/GetFPath.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nx-X11/lib/X11/GetFPath.c') diff --git a/nx-X11/lib/X11/GetFPath.c b/nx-X11/lib/X11/GetFPath.c index abd4a5dbd..8f8c6144a 100644 --- a/nx-X11/lib/X11/GetFPath.c +++ b/nx-X11/lib/X11/GetFPath.c @@ -50,7 +50,7 @@ char **XGetFontPath( if (rep.nPaths) { flist = Xmalloc(rep.nPaths * sizeof (char *)); - if (rep.length < (LONG_MAX >> 2)) { + if (rep.length < (INT_MAX >> 2)) { nbytes = (unsigned long) rep.length << 2; ch = Xmalloc (nbytes + 1); /* +1 to leave room for last null-terminator */ -- cgit v1.2.3 From 26256188b498e122e21ce0e05521dfc58f8b60a5 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Sun, 11 Aug 2013 00:07:33 -0700 Subject: Remove unnecessary casts of pointers to (char *) in calls to Xfree() Left one cast behind that is necessary to change from const char * to char * in nx-X11/lib/X11/lcCharSet.c. Signed-off-by: Alan Coopersmith Backported-to-NX-by: Ulrich Sibiller --- nx-X11/lib/X11/GetFPath.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nx-X11/lib/X11/GetFPath.c') diff --git a/nx-X11/lib/X11/GetFPath.c b/nx-X11/lib/X11/GetFPath.c index 8f8c6144a..76ff7327b 100644 --- a/nx-X11/lib/X11/GetFPath.c +++ b/nx-X11/lib/X11/GetFPath.c @@ -57,7 +57,7 @@ char **XGetFontPath( } if ((! flist) || (! ch)) { - if (flist) Xfree((char *) flist); + if (flist) Xfree(flist); if (ch) Xfree(ch); _XEatDataWords(dpy, rep.length); UnlockDisplay(dpy); @@ -93,7 +93,7 @@ XFreeFontPath (char **list) { if (list != NULL) { Xfree (list[0]-1); - Xfree ((char *)list); + Xfree (list); } return 1; } -- cgit v1.2.3 From fc26b97ea9053a2aba54824243282e27bc4a1e15 Mon Sep 17 00:00:00 2001 From: walter harms Date: Thu, 5 Jun 2014 18:37:40 +0200 Subject: Remove redundant null checks before free This patch removes some redundant null checks before free. It should not change the code otherwise. Be aware that this is only the first series. Signed-off-by: Harms Reviewed-by: Alan Coopersmith Signed-off-by: Alan Coopersmith Backported-to-NX-by: Ulrich Sibiller --- nx-X11/lib/X11/GetFPath.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nx-X11/lib/X11/GetFPath.c') diff --git a/nx-X11/lib/X11/GetFPath.c b/nx-X11/lib/X11/GetFPath.c index 76ff7327b..62ba01436 100644 --- a/nx-X11/lib/X11/GetFPath.c +++ b/nx-X11/lib/X11/GetFPath.c @@ -57,8 +57,8 @@ char **XGetFontPath( } if ((! flist) || (! ch)) { - if (flist) Xfree(flist); - if (ch) Xfree(ch); + Xfree(flist); + Xfree(ch); _XEatDataWords(dpy, rep.length); UnlockDisplay(dpy); SyncHandle(); -- cgit v1.2.3 From 73f2d66e0ec90ac5140e5015ca511f914016786e Mon Sep 17 00:00:00 2001 From: Peter Hutterer Date: Tue, 19 May 2015 12:30:22 +1000 Subject: Fix three "use of uninitialized variable" coverity warnings False positive, if rlen/nbytes are unset we quit early before using it. Still, initialize it so we don't have to deal with these warnings again. Signed-off-by: Peter Hutterer Reviewed-by: Hans de Goede Reviewed-by: Alan Coopersmith Backported-to-NX-by: Ulrich Sibiller --- nx-X11/lib/X11/GetFPath.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nx-X11/lib/X11/GetFPath.c') diff --git a/nx-X11/lib/X11/GetFPath.c b/nx-X11/lib/X11/GetFPath.c index 62ba01436..8c3f49c95 100644 --- a/nx-X11/lib/X11/GetFPath.c +++ b/nx-X11/lib/X11/GetFPath.c @@ -35,7 +35,7 @@ char **XGetFontPath( int *npaths) /* RETURN */ { xGetFontPathReply rep; - unsigned long nbytes; + unsigned long nbytes = 0; char **flist = NULL; char *ch = NULL; char *chend; -- cgit v1.2.3