Package: xfdesktop4
Version: 4.8.3-2
Severity: normal
Tags: upstream
Hi,
cppcheck brought the following code snippet in settings/main.c to my
attention. Unlike #692016, this appears to be a real leak:
"""
PreviewData *pdata = g_new0(PreviewData, 1);
pdata->model = g_object_ref(G_OBJECT(model));
if(TARGET_TEXT_URI_LIST != info
|| selection_data->format != 8
|| selection_data->length <= 0)
{
gtk_drag_finish(context, FALSE, FALSE, time_);
return;
}
[...]
"""
It seems to both cppcheck and me that pdata is leaked if the condition
for this if-statement is true. Also, model may be leaked due to the
g_object_ref call.
I cannot find any ownership passing (or any use) of pdata or model in
the "body" of the if-statement. I attached an untested proposed
solution, which is to defer memory allocation and ref'ing till after
the "if" (i.e. at the [...] part).
The code snippet appears in 4.10.0, so if you agree with my assertion,
4.10.0 is also affected.
~Niels
--- settings/main.c.orig 2012-11-01 11:54:34.540623096 +0100
+++ settings/main.c 2012-11-01 11:56:46.288626451 +0100
@@ -1087,9 +1087,7 @@
gboolean file_added;
gchar *p;
GtkTreeModel *model = gtk_tree_view_get_model(GTK_TREE_VIEW(widget));
- PreviewData *pdata = g_new0(PreviewData, 1);
-
- pdata->model = g_object_ref(G_OBJECT(model));
+ PreviewData *pdata;
if(TARGET_TEXT_URI_LIST != info
|| selection_data->format != 8
@@ -1099,6 +1097,9 @@
return;
}
+ pdata = g_new0(PreviewData, 1);
+ pdata->model = g_object_ref(G_OBJECT(model));
+
p = (gchar *)selection_data->data;
while(*p) {
if(*p != '#') {
