diff options
author | Rui Matos <tiagomatos@gmail.com> | 2016-04-06 16:40:44 +0200 |
---|---|---|
committer | Mike Gorse <mgorse@suse.com> | 2016-04-11 10:49:25 -0500 |
commit | bb8118284fa248b74f59426f73497fc012469198 (patch) | |
tree | de0c80f82005fba18f2a728f410ce4ac37ea1a3a | |
parent | 44329fb78ee6a0fd1bd5f906084fc0b7dd912fc6 (diff) | |
download | at-spi2-core-bb8118284fa248b74f59426f73497fc012469198.tar.gz |
registryd: Avoid crashing with a NULL keystring
From a coverity check:
1. at-spi2-core-2.14.1/registryd/deviceeventcontroller-x11.c:1167:
deref_ptr_in_call: Dereferencing pointer "keystring".
2. at-spi2-core-2.14.1/registryd/deviceeventcontroller-x11.c:1169:
check_after_deref: Null-checking "keystring" suggests that it may be
null, but it has already been dereferenced on all paths leading to the
check.
(keystring, -1, &c))) {
https://bugzilla.gnome.org/show_bug.cgi?id=764688
-rw-r--r-- | registryd/deviceeventcontroller-x11.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/registryd/deviceeventcontroller-x11.c b/registryd/deviceeventcontroller-x11.c index 5c2cf890..f8df6d8a 100644 --- a/registryd/deviceeventcontroller-x11.c +++ b/registryd/deviceeventcontroller-x11.c @@ -1165,8 +1165,6 @@ spi_dec_x11_synth_keystring (SpiDEController *controller, guint synth_type, gint const gchar *c; KeySym keysym; - maxlen = strlen (keystring) + 1; - keysyms = g_new0 (KeySym, maxlen); if (!(keystring && *keystring && g_utf8_validate (keystring, -1, &c))) { retval = FALSE; } @@ -1174,6 +1172,9 @@ spi_dec_x11_synth_keystring (SpiDEController *controller, guint synth_type, gint #ifdef SPI_DEBUG fprintf (stderr, "[keystring synthesis attempted on %s]\n", keystring); #endif + maxlen = strlen (keystring) + 1; + keysyms = g_new0 (KeySym, maxlen); + while (keystring && (unichar = g_utf8_get_char (keystring))) { char bytes[6]; gint mbytes; @@ -1207,8 +1208,9 @@ spi_dec_x11_synth_keystring (SpiDEController *controller, guint synth_type, gint } } XSynchronize (spi_get_display (), FALSE); + + g_free (keysyms); } - g_free (keysyms); if (synth_type == Accessibility_KEY_SYM) { keysym = keycode; |