On 10/20/11 03:44, Dave Airlie wrote:
From: Dave Airlie<airl...@redhat.com>
coverity scan pointed this out.
In some of its error cases AllocARGBCursor freed the bits passed in,
because it assigned them to the cursor and called FreeCursorBits, in
one case it didn't, if it hadn't done the assignment.
This standardises the interface so it always frees in the passed in bits
on failure, and cleans up the call sites.
Should that be noted in the doxygen comment for that function for future
reference?
Signed-off-by: Dave Airlie<airl...@redhat.com>
---
dix/cursor.c | 5 ++++-
dix/dispatch.c | 2 --
dix/window.c | 5 -----
render/render.c | 2 --
4 files changed, 4 insertions(+), 10 deletions(-)
diff --git a/dix/cursor.c b/dix/cursor.c
index f29cb11..0e8caf6 100644
--- a/dix/cursor.c
+++ b/dix/cursor.c
@@ -240,8 +240,11 @@ AllocARGBCursor(unsigned char *psrcbits, unsigned char
*pmaskbits,
*ppCurs = NULL;
pCurs = (CursorPtr)calloc(CURSOR_REC_SIZE + CURSOR_BITS_SIZE, 1);
- if (!pCurs)
+ if (!pCurs) {
+ free(psrcbits);
+ free(pmaskbits);
return BadAlloc;
+ }
What about argb in #ifdef ARGB_CURSOR? Looks like that would get assigned to
bits->argb, which is also freed by FreeCursorBits().
--
-Alan Coopersmith- alan.coopersm...@oracle.com
Oracle Solaris Platform Engineering: X Window System
_______________________________________________
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
