Bug#184817: [patch] xlibs: Memory leak in xc/lib/X11/lcPrTxt.c

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#184817: [patch] xlibs: Memory leak in xc/lib/X11/lcPrTxt.c
From: Adrian Bunk <bunk@fs.tum.de>
Date: Fri, 14 Mar 2003 23:20:24 +0100
Message-id: <[🔎] E18txXM-0000IU-00@r063144.stusta.swh.mhn.de>
Reply-to: Adrian Bunk <bunk@fs.tum.de>, 184817@bugs.debian.org

Package: xlibs
Version: 4.2.1-4
Severity: important
Tags: patch

I do maintain a backport of the 4.2.1-4 packages for woody [1].

Christopher Huhn <C.Huhn@gsi.de> asked me to include a fix for a bug he 
observes when using these packages together with a backported KDE 3.1. 
The discussion of the bug is at [2].

The culprit is the following part of 000_stolen_from_HEAD_xlib.diff 
(the problem is still present in 4.2.1-6pre7v2):

--- xc/lib/X11/lcPrTxt.c	28 Oct 2001 03:32:35 -0000	1.7
+++ xc/lib/X11/lcPrTxt.c	3 Jun 2002 22:36:00 -0000	1.8
@@ -23,7 +23,7 @@
  * Author: Katsuhisa Yano	TOSHIBA Corp.
  *			   	mopi@osa.ilab.toshiba.co.jp
  */
-/* $XFree86: xc/lib/X11/lcPrTxt.c,v 1.7 2001/10/28 03:32:35 tsi Exp $ */
+/* $XFree86: xc/lib/X11/lcPrTxt.c,v 1.8 2002/06/03 22:36:00 dawes Exp $ */
 
 #include "Xlibint.h"
 #include "XlcPubI.h"
@@ -148,8 +148,7 @@
 	return XConverterNotFound;
 
     if (is_wide_char) {
-	buf_len = text_prop->nitems + 1;
-	buf = (XPointer) Xmalloc(buf_len * sizeof(wchar_t));
+	buf_len = (text_prop->nitems + 1) * sizeof(wchar_t);;
     } else {
 	if (strcmp(to_type, XlcNUtf8String) == 0)
 	    buf_len = text_prop->nitems * 6 + 1;
@@ -157,6 +156,7 @@
 	    buf_len = text_prop->nitems * XLC_PUBLIC(lcd, mb_cur_max) + 1;
 	buf = (XPointer) Xmalloc(buf_len);
     }
+    buf = (XPointer) Xmalloc(buf_len);
     if (buf == NULL)
 	return XNoMemory;
     to = buf;



The memory leak intruduced is pretty obvious.


The suggested solution in [2] is:

--- xc/lib/X11/lcPrTxt.c.sav	2002-06-04 00:36:00.000000000 +0200
+++ xc/lib/X11/lcPrTxt.c	2003-03-13 12:59:07.000000000 +0100
@@ -154,7 +154,6 @@ _XTextPropertyToTextList(
 	    buf_len = text_prop->nitems * 6 + 1;
 	else
 	    buf_len = text_prop->nitems * XLC_PUBLIC(lcd, mb_cur_max) + 1;
-	buf = (XPointer) Xmalloc(buf_len);
     }
     buf = (XPointer) Xmalloc(buf_len);
     if (buf == NULL)


Please include this fix in 2.4.1-7.


cu
Adrian

BTW: The ";;" in 000_stolen_from_HEAD_xlib.diff looks strange but it
     should be harmless.

[1] http://www.fs.tum.de/~bunk/packages/
[2] http://bugs.kde.org/show_bug.cgi?id=55417

Reply to:

Follow-Ups:
- Bug#184817: [patch] xlibs: Memory leak in xc/lib/X11/lcPrTxt.c
  - From: Branden Robinson <branden@debian.org>

Prev by Date: Re: Newbie is trying but unable to find out what's going on...!!!
Next by Date: Bug#184889: xkb: Right Alt still toggles even when the toggle button is changed
Previous by thread: Processed: Toshiba laptop keybounce
Next by thread: Bug#184817: [patch] xlibs: Memory leak in xc/lib/X11/lcPrTxt.c
Index(es):
- Date
- Thread