yConnDis.c: fix memory leak

Direct leak of 3 byte(s) in 1 object(s) allocated from: #0 0xb79e85d4 in __interceptor_malloc (/lib/i386-linux-gnu/libasan.so.5+0xeb5d4) #1 0xb770b635 in copystring /home/uli/work/nx/nx-libs/nx-X11/lib/src/ConnDis.c:96 #2 0xb770ba56 in _X11TransConnectDisplay /home/uli/work/nx/nx-libs/nx-X11/lib/src/ConnDis.c:229 #3 0xb776b4fd in XOpenDisplay /home/uli/work/nx/nx-libs/nx-X11/lib/src/OpenDis.c:215 #4 0x63e2fd in nxagentInternalOpenDisplay /home/uli/work/nx/nx-libs/nx-X11/programs/Xserver/hw/nxagent/Display.c:608 #5 0x63fa03 in nxagentOpenDisplay /home/uli/work/nx/nx-libs/nx-X11/programs/Xserver/hw/nxagent/Display.c:1140 #6 0x694b5a in InitOutput /home/uli/work/nx/nx-libs/nx-X11/programs/Xserver/hw/nxagent/Init.c:305 #7 0x5f7b11 in main /home/uli/work/nx/nx-libs/nx-X11/programs/Xserver/dix/main.c:278 #8 0xb6f04b40 in __libc_start_main ../csu/libc-start.c:308 I have not investigated the exact location where an XFree() was missing but added multiple Xfree() calls whereever appropriate. Fixes ArcticaProject/nx-libs#951

yConnDis.c: fix memory leak
12b22e97 · Ulrich Sibiller · Mike Gabriel · ca7b3310 · 12b22e97
Commit 12b22e97 authored Oct 18, 2020 by Ulrich Sibiller Committed by Mike Gabriel Nov 03, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 12 deletions

ConnDis.c nx-X11/lib/src/ConnDis.c +28 -12

No files found.
--- a/nx-X11/lib/src/ConnDis.c
+++ b/nx-X11/lib/src/ConnDis.c
@@ -226,6 +226,7 @@ _X11TransConnectDisplay (
          p += 3;
        }

+        if (pprotocol) XFree(pprotocol);
        pprotocol = copystring ("nx", 2);

        if (!pprotocol) goto bad;
@@ -233,7 +234,6 @@ _X11TransConnectDisplay (
 #ifdef NX_TRANS_TEST
        fprintf(stderr, "_X11TransConnectDisplay: Forced protocol to [%s].\n", pprotocol);
 #endif
-
    }
    else
    {
@@ -245,9 +245,14 @@ _X11TransConnectDisplay (
     * slash ('/').
     */
    for (lastp = p; *p && *p != ':' && *p != '/'; p++) ;
-    if (!*p) return NULL;		/* must have a colon */
+    if (!*p)				/* must have a colon */
+    {
+      if (pprotocol) XFree(pprotocol);
+      return NULL;
+    }

    if (p != lastp && *p != ':') {	/* protocol given? */
+	if (pprotocol) XFree(pprotocol);
 	pprotocol = copystring (lastp, p - lastp);
 	if (!pprotocol) goto bad;	/* no memory */
 	p++;				/* skip the '/' */
@@ -288,12 +293,14 @@ _X11TransConnectDisplay (

        if (lastc)
        {
+            if (phostname) XFree(phostname);
            phostname = copystring (lastp, lastc - lastp);

            p = lastc;
        }
        else
        {
+            if (phostname) XFree(phostname);
            phostname = copystring (lastp, strlen(lastp));
        }

@@ -323,7 +330,11 @@ _X11TransConnectDisplay (
 	if (*p == ':')
 	    lastc = p;

-    if (!lastc) return NULL;		/* must have a colon */
+    if (!lastc)			/* must have a colon */
+    {
+      if (pprotocol) XFree(pprotocol);
+      return NULL;
+    }

    if ((lastp != lastc) && (*(lastc - 1) == ':')
 #if defined(IPv6) && defined(AF_INET6)
@@ -338,6 +349,7 @@ _X11TransConnectDisplay (
 	hostlen = lastc - lastp;

    if (hostlen > 0) {		/* hostname given? */
+	if (phostname) XFree(phostname);
 	phostname = copystring (lastp, hostlen);
 	if (!phostname) goto bad;	/* no memory */
    }
@@ -417,7 +429,7 @@ _X11TransConnectDisplay (
            if (value == NULL || strstr(value, "=") != NULL ||
                    strstr(name, ",") != NULL || strlen(value) >= 128)
            {
-                Xfree(host);
+                if (host) Xfree(host);

                goto bad;
            }
@@ -425,17 +437,21 @@ _X11TransConnectDisplay (
            {
                idisplay = atoi(value);

+                if (pdpynum) XFree(pdpynum);
                pdpynum = copystring(value, strlen(value));

-                if (!pdpynum) goto bad;
-
+                if (!pdpynum)
+                {
+                    if (host) Xfree(host);
+                    goto bad;
+                }
                break;
            }

            name = strtok(NULL, "=");
        }

-        Xfree(host);
+        if (host) Xfree(host);

        if (idisplay == -1)
        {
@@ -486,6 +502,7 @@ _X11TransConnectDisplay (

    if (pprotocol && !strcasecmp(pprotocol, "nx"))
    {
+        Xfree(pprotocol);
        pprotocol = copystring ("local", 5);

        if (!pprotocol) goto bad;
@@ -502,18 +519,18 @@ _X11TransConnectDisplay (
    if (!pprotocol) {
 #if defined(UNIXCONN)
 	if (phostname && (strcmp (phostname, "unix") == 0)) {
-	    Xfree(pprotocol);
 	    pprotocol = copystring ("unix", 4);
 	} else
 #endif
 #ifdef HAVE_LAUNCHD
 	if (phostname && phostname[0]=='/') {
-		pprotocol = copystring ("local", 5);
+	    pprotocol = copystring ("local", 5);
 	}
 #endif
 	if (!phostname)
 	{
 	    if (local_transport[0] != NULL) {
+		if (pprotocol) Xfree(pprotocol);
 		pprotocol = Xstrdup(local_transport[0]);
 		local_transport_index = 0;
 	    }
@@ -611,7 +628,7 @@ _X11TransConnectDisplay (
    }

 #if defined(NX_TRANS_SOCKET) && defined(NX_TRANS_TEST)
-        fprintf(stderr, "_X11TransConnectDisplay: Out of connection loop.\n");
+    fprintf(stderr, "_X11TransConnectDisplay: Out of connection loop.\n");
 #endif
    if (address != addrbuf) Xfree (address);
    address = addrbuf;
@@ -636,7 +653,7 @@ _X11TransConnectDisplay (
     *  XDisplayString() and XDisplayName() agree.
     */
    if (reset_hostname && (phostname != original_hostname)) {
-	Xfree (phostname);
+	if (phostname) Xfree (phostname);
 	phostname = original_hostname;
 	original_hostname = NULL;
    }
@@ -668,7 +685,6 @@ _X11TransConnectDisplay (
 #if defined(LOCALCONN) || defined(UNIXCONN) || defined(TCPCONN)
    if (original_hostname) Xfree (original_hostname);
 #endif
-
    GetAuthorization(trans_conn, family, (char *) saddr, saddrlen, idisplay,
 		     auth_namep, auth_namelenp, auth_datap, auth_datalenp);
    return trans_conn;