From aea71067dccd63e5988a57944991a2775ae4e5a7 Mon Sep 17 00:00:00 2001
From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Date: Tue, 23 Jun 2015 15:04:16 +0200
Subject: On realloc failure, free font_path_string instead of leaking it

Flagged by cppcheck 1.62:
[dix/dixfonts.c:1792]: (error) Common realloc mistake:
 'font_path_string' nulled but not freed upon failure

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Keith Packard <keithp@keithp.com>
Rebased against NX: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
---
 nx-X11/programs/Xserver/dix/dixfonts.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'nx-X11')

diff --git a/nx-X11/programs/Xserver/dix/dixfonts.c b/nx-X11/programs/Xserver/dix/dixfonts.c
index 156bba2d0..fac918963 100644
--- a/nx-X11/programs/Xserver/dix/dixfonts.c
+++ b/nx-X11/programs/Xserver/dix/dixfonts.c
@@ -1929,11 +1929,14 @@ GetFontPath(int *count, int *length)
 	fpe = font_path_elements[i];
 	len += fpe->name_length + 1;
     }
-    font_path_string = (unsigned char *) xrealloc(font_path_string, len);
-    if (!font_path_string)
-	return NULL;
+    c = realloc(font_path_string, len);
+    if (c == NULL) {
+	free(font_path_string);
+	font_path_string = NULL;
+	return BadAlloc;
+    }
 
-    c = font_path_string;
+    font_path_string = c;
     *length = 0;
     for (i = 0; i < num_fpes; i++) {
 	fpe = font_path_elements[i];
-- 
cgit v1.2.3