Most zalloc calls in weston are checked; this fixes a handful whose results
were being ignored.  As found by `grep -EIsr "[^x]zalloc\(" . -A1`

Update: Drop the chunk in screen-share.c; Hardening already fixed the
zalloc check in commit e57d1f21.

Signed-off-by: Bryce Harrington <[email protected]>
---
 src/compositor-wayland.c |    6 ++++++
 src/libinput-seat.c      |    2 +-
 src/screenshooter.c      |   33 ++++++++++++++++++++-------------
 src/udev-seat.c          |    2 +-
 4 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/src/compositor-wayland.c b/src/compositor-wayland.c
index f35db9c..67f15be 100644
--- a/src/compositor-wayland.c
+++ b/src/compositor-wayland.c
@@ -256,6 +256,12 @@ wayland_output_get_shm_buffer(struct wayland_output 
*output)
        }
 
        sb = zalloc(sizeof *sb);
+       if (sb == NULL) {
+               weston_log("could not zalloc %ld memory for sb: %m\n", sizeof 
*sb);
+               close(fd);
+               free(data);
+               return NULL;
+       }
 
        sb->output = output;
        wl_list_init(&sb->free_link);
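Review bot: The new error path calls `free(data)`, which is only valid if `data` was returned by the heap allocator. `data` is obtained above the hunk; if it is a mapping of `fd` (the `close(fd)` beside it suggests a file-backed buffer), passing it to free() is undefined behaviour and it should be released with `munmap(data, <mapped length>)` instead. Separately, `sizeof *sb` is a `size_t` but is printed with `%ld`; use `%zu`, i.e. `weston_log("could not zalloc %zu memory for sb: %m\n", sizeof *sb);`. The function body starts and ends outside the hunk.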
diff --git a/src/libinput-seat.c b/src/libinput-seat.c
index 8bf538c..acb29d7 100644
--- a/src/libinput-seat.c
+++ b/src/libinput-seat.c
@@ -330,9 +330,9 @@ udev_seat_create(struct udev_input *input, const char 
*seat_name)
        struct udev_seat *seat;
 
        seat = zalloc(sizeof *seat);
-
        if (!seat)
                return NULL;
+
        weston_seat_init(&seat->base, c, seat_name);
        seat->base.led_update = udev_seat_led_update;
 
diff --git a/src/screenshooter.c b/src/screenshooter.c
index 02146c8..369e920 100644
--- a/src/screenshooter.c
+++ b/src/screenshooter.c
@@ -450,6 +450,17 @@ weston_recorder_frame_notify(struct wl_listener *listener, 
void *data)
 }
 
 static void
+weston_recorder_free(struct weston_recorder *recorder)
+{
+       if (recorder == NULL)
+               return;
+       free(recorder->rect);
+       free(recorder->tmpbuf);
+       free(recorder->frame);
+       free(recorder);
+}
+
+static void
 weston_recorder_create(struct weston_output *output, const char *filename)
 {
        struct weston_compositor *compositor = output->compositor;
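Review bot: weston_recorder_free() has no comment on what it leaves to the caller. It releases `rect`, `tmpbuf`, `frame` and the struct, while weston_recorder_destroy() in the last hunk of this file still has to call `close(recorder->fd)` and `wl_list_remove()` itself first. A one-line comment above the helper would make that split explicit, for example `/* Frees the recorder and its buffers; does not close fd or unlink frame_listener. */`. It should also say that all three buffer members must be NULL or heap pointers on entry, since they are freed unconditionally.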
@@ -461,7 +472,6 @@ weston_recorder_create(struct weston_output *output, const 
char *filename)
        do_yflip = !!(compositor->capabilities & WESTON_CAP_CAPTURE_YFLIP);
 
        recorder = malloc(sizeof *recorder);
-
        if (recorder == NULL) {
                weston_log("%s: out of memory\n", __func__);
                return;
@@ -476,6 +486,12 @@ weston_recorder_create(struct weston_output *output, const 
char *filename)
        recorder->destroying = 0;
        recorder->output = output;
 
+       if ((recorder->frame == NULL) || (recorder->rect == NULL)) {
+               weston_log("%s: out of memory\n", __func__);
+               weston_recorder_free(recorder);
+               return;
+       }
+
        if (do_yflip)
                recorder->tmpbuf = NULL;
        else
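Review bot: The new out-of-memory branch calls `weston_recorder_free(recorder)` before `recorder->tmpbuf` has been assigned, and the helper does `free(recorder->tmpbuf)`. Because `recorder` comes from `malloc()` in the previous hunk, that member is indeterminate at this point unless it is set in the lines between the hunks that are not shown, so the branch would pass a garbage pointer to free(). Allocating the struct zeroed, `recorder = zalloc(sizeof *recorder);`, or setting `recorder->tmpbuf = NULL;` before the check fixes it. The `else` branch that assigns tmpbuf is cut off by the hunk; if it allocates, its result appears not to be covered by this check either.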
@@ -493,10 +509,7 @@ weston_recorder_create(struct weston_output *output, const 
char *filename)
                break;
        default:
                weston_log("unknown recorder format\n");
-               free(recorder->rect);
-               free(recorder->tmpbuf);
-               free(recorder->frame);
-               free(recorder);
+               weston_recorder_free(recorder);
                return;
        }
 
@@ -505,10 +518,7 @@ weston_recorder_create(struct weston_output *output, const 
char *filename)
 
        if (recorder->fd < 0) {
                weston_log("problem opening output file %s: %m\n", filename);
-               free(recorder->rect);
-               free(recorder->tmpbuf);
-               free(recorder->frame);
-               free(recorder);
+               weston_recorder_free(recorder);
                return;
        }
 
@@ -527,11 +537,8 @@ weston_recorder_destroy(struct weston_recorder *recorder)
 {
        wl_list_remove(&recorder->frame_listener.link);
        close(recorder->fd);
-       free(recorder->tmpbuf);
-       free(recorder->frame);
-       free(recorder->rect);
        recorder->output->disable_planes--;
-       free(recorder);
+       weston_recorder_free(recorder);
 }
 
 static void
diff --git a/src/udev-seat.c b/src/udev-seat.c
index 5e018de..cd2f6a9 100644
--- a/src/udev-seat.c
+++ b/src/udev-seat.c
@@ -373,9 +373,9 @@ udev_seat_create(struct udev_input *input, const char 
*seat_name)
        struct udev_seat *seat;
 
        seat = zalloc(sizeof *seat);
-
        if (!seat)
                return NULL;
+
        weston_seat_init(&seat->base, c, seat_name);
        seat->base.led_update = drm_led_update;
 
-- 
1.7.9.5