[PATCH:xsetroot] Only use results from GetWindowProperty if it returned success

Sat, 03 Jan 2015 14:31:47 -0800 

Since Xlib prior to 1.6 didn't always clear values on failure, don't
assume they're safe to use unless we succeeded.

Reported by Oracle Parfait 1.5.1:
Error: Uninitialised memory (CWE 456)
   Possible access to uninitialised memory '&after'
        at line 328 of xsetroot.c in function 'FixupState'.
          &after allocated at line 317.
   Possible access to uninitialised memory '&data'
        at line 330 of xsetroot.c in function 'FixupState'.
          &data allocated at line 318.
   Possible access to uninitialised memory '&format'
        at line 328 of xsetroot.c in function 'FixupState'.
          &format allocated at line 316.
   Possible access to uninitialised memory '&length'
        at line 328 of xsetroot.c in function 'FixupState'.
          &length allocated at line 317.
   Possible access to uninitialised memory '&type'
        at line 328 of xsetroot.c in function 'FixupState'.
          &type allocated at line 315.
        at line 331 of xsetroot.c in function 'FixupState'.
          &type allocated at line 315.

Signed-off-by: Alan Coopersmith <[email protected]>
---
 xsetroot.c |   11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/xsetroot.c b/xsetroot.c
index 56ce741..5f142e1 100644
--- a/xsetroot.c
+++ b/xsetroot.c
@@ -331,10 +331,13 @@ FixupState(void)
        return;
     prop = XInternAtom(dpy, "_XSETROOT_ID", False);
     if (unsave_past) {    
-       (void)XGetWindowProperty(dpy, root, prop, 0L, 1L, True, AnyPropertyType,
-                                &type, &format, &length, &after, &data);
-       if ((type == XA_PIXMAP) && (format == 32) &&
-           (length == 1) && (after == 0))
+       if (XGetWindowProperty(dpy, root, prop, 0L, 1L, True, AnyPropertyType,
+                      &type, &format, &length, &after, &data) != Success)
+           fprintf(stderr,
+                   "%s: warning: cannot get _XSETROOT_ID property from root 
window\n",
+                   program_name);
+       else if ((type == XA_PIXMAP) && (format == 32) &&
+                (length == 1) && (after == 0))
            XKillClient(dpy, *((Pixmap *)data));
        else if (type != None)
            fprintf(stderr, "%s: warning: _XSETROOT_ID property is garbage\n",
-- 
1.7.9.2

_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel

Reply via email to