On 01/20/2015 05:57 PM, Peter Harris wrote:
> Found by -fsanitize=address
>
> Signed-off-by: Peter Harris <[email protected]>
> ---
> xts5/src/libproto/ShowSup.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/xts5/src/libproto/ShowSup.c b/xts5/src/libproto/ShowSup.c
> index a05ff7d..b8ba796 100644
> --- a/xts5/src/libproto/ShowSup.c
> +++ b/xts5/src/libproto/ShowSup.c
> @@ -581,7 +581,7 @@ int format;
> int i;
>
> if (nval > 0) {
> - valuePtr = (CARD32 *) ((CARD32 *) rp + size);
> + valuePtr = (CARD32 *) ((CARD8 *) rp + size);
The original code seems so bogus that the error must be trivially
observable. How did this remain undetected for so long? It was in the
initial import in February 2005... 10 years ago!

As a side note... I'm impressed that ajax hasn't killed every bit of
pre-C89 code from git.freedesktop.org. :)
> for (i = 0; i < nval; i++) {
> Log_Some("\tfontprop %d, name = 0x%lx, value =
> 0x%lx\n", i, *valuePtr, *(valuePtr+1));
> valuePtr += 2;
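Review bot: The Log_Some call right after the changed line prints `*valuePtr` and `*(valuePtr+1)` with `0x%lx`, while the cast on the new line treats them as CARD32; wherever CARD32 is narrower than long, the format and the arguments disagree if Log_Some is printf-style. Since this statement is being touched anyway, consider casting both arguments to `unsigned long`. The commit message would also be easier to review if it said that `size` is a byte offset and that the old `(CARD32 *) rp + size` scaled it by the element size, rather than only naming the tool that found it.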
> @@ -598,7 +598,7 @@ int format;
> int i;
>
> if (nval > 0) {
> - valuePtr = (CARD16 *) ((CARD16 *) rp + size);
> + valuePtr = (CARD16 *) ((CARD8 *) rp + size);
> for (i = 0; i < nval; i++) {
> Log_Some("\tcharinfo %d, left-side-bearing = %d,
> right-side-bearing = %d, character-width = %d, ascent = %d, descent = %d,
> attributes = 0x%x\n", i, *valuePtr, *(valuePtr+1), *(valuePtr+2),
> *(valuePtr+3), *(valuePtr+4), *(valuePtr+5));
> valuePtr += 6;
>
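Review bot: The loop after the changed line reads six CARD16 values (12 bytes) per entry for `nval` entries starting `size` bytes past `rp`, and nothing in the visible context checks that `size + nval * 12` stays inside the reply `rp` points to. With the offset now computed in bytes, it would be worth confirming (or adding) that check before the loop, so a short or malformed reply cannot reintroduce the out-of-bounds read the sanitizer reported. Casting `(CARD8 *) rp + size` to `CARD16 *` also assumes `size` is even; a one-line comment stating that would help. The same two points apply to the CARD32 loop in the first hunk, where each entry is 8 bytes.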
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel