[patch] libxklavier returns pointer to static memory where dynamic
is expected
Oleg Sharoiko
os at rsu.ru
Sun Oct 24 11:03:23 PDT 2004
>Submitter-Id: current-users
>Originator: Oleg Sharoiko
>Organization: Computer Center of Rostov State University
>Confidential: no
>Synopsis: [patch] libxklavier returns pointer to static memory where dynamic is expected
>Severity: serious
>Priority: medium
>Category: ports
>Class: sw-bug
>Release: FreeBSD 5.3-STABLE i386
>Environment:
System: FreeBSD brain.cc.rsu.ru 5.3-STABLE FreeBSD 5.3-STABLE #0: Tue Oct 19 13:59:02 MSD 2004 os at brain.cc.rsu.ru:/usr/obj/usr/src/sys/brain.athlon-xp.RELENG_5.2004-10-19 i386
>Description:
Function _XklLocaleFromUtf8() is used internaly by libxklavier.
This function usually returns pointer to dynamicly allocated memory.
But in some rare cases it may reach the last line which is
return converted;
where converted is
static char converted[XKL_MAX_CI_DESC_LENGTH];
This may result in a following error:
gnome-keyboard-properties in free(): error: junk pointer, too high to make sense
>How-To-Repeat:
It looks like last line of _XklLocaleFromUtf8 is reached only in some rare cases depending on some external condtions (files or something else). Unfortunately I can not provide exact instruction on how to repeat this error. But I suppose looking at _XklLocaleFromUtf8 code is enough to see this bug, as _XklLocaleFromUtf8 everywhere but on the last line returns results of strdup.
>Fix:
It looks like changing
return converted;
to
return strdup(converted);
would be enough.
I've submitted the PR to libxklavier SF page. Not sure though if they check it often enough. http://sourceforge.net/tracker/index.php?func=detail&aid=1052700&group_id=319&atid=300319
More information about the freebsd-ports
mailing list