[PATCH 02/02] wmaker: check RCreateImage() result for _NET_WM_ICON
3 views
Skip to first unread message
david.m...@gmail.com
May 10, 2026, 11:32:30 PM (9 days ago) May 10
to Window Maker Development
makeRImageFromARGBData() dereferences image->data immediately after
RCreateImage() without checking for NULL. A client that advertises a
20000x20000 icon makes RCreateImage() try a 1.6 GB malloc, on failure
wmaker segfaults.
---
src/wmspec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/wmspec.c b/src/wmspec.c
index 1111111..2222222 100644
--- a/src/wmspec.c
+++ b/src/wmspec.c
@@ -408,6 +408,8 @@ static RImage *makeRImageFromARGBData(unsigned long *data)
return NULL;
image = RCreateImage(width, height, True);
+ if (!image)
+ return NULL;
for (imgdata = image->data, i = 2; i < size + 2; i++, imgdata += 4) {
pixel = data[i];
--
2.43.0
RCreateImage() without checking for NULL. A client that advertises a
20000x20000 icon makes RCreateImage() try a 1.6 GB malloc, on failure
wmaker segfaults.
---
src/wmspec.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/wmspec.c b/src/wmspec.c
index 1111111..2222222 100644
--- a/src/wmspec.c
+++ b/src/wmspec.c
@@ -408,6 +408,8 @@ static RImage *makeRImageFromARGBData(unsigned long *data)
return NULL;
image = RCreateImage(width, height, True);
+ if (!image)
+ return NULL;
for (imgdata = image->data, i = 2; i < size + 2; i++, imgdata += 4) {
pixel = data[i];
--
2.43.0
Reply all
Reply to author
Forward
0 new messages