From 3eb4fa15ee4c9297cc77ce69fcfcd5d7192462f4 Mon Sep 17 00:00:00 2001 From: Dominique Martinet Date: Thu, 28 Dec 2017 09:44:35 +0100 Subject: [PATCH] ENOMEM checks: consistently check wl_array_add return --- types/wlr_data_device.c | 3 +++ types/wlr_primary_selection.c | 3 +++ types/wlr_seat.c | 5 +++++ types/wlr_xdg_shell_v6.c | 24 ++++++++++++++++++++---- xwayland/selection.c | 9 +++++++++ 5 files changed, 40 insertions(+), 4 deletions(-) diff --git a/types/wlr_data_device.c b/types/wlr_data_device.c index af81d861..58893129 100644 --- a/types/wlr_data_device.c +++ b/types/wlr_data_device.c @@ -907,6 +907,9 @@ static void data_source_offer(struct wl_client *client, *p = strdup(mime_type); } if (!p || !*p){ + if (p) { + source->mime_types.size -= sizeof *p; + } wl_resource_post_no_memory(resource); } } diff --git a/types/wlr_primary_selection.c b/types/wlr_primary_selection.c index 8163d2e5..1228e94e 100644 --- a/types/wlr_primary_selection.c +++ b/types/wlr_primary_selection.c @@ -127,6 +127,9 @@ static void source_handle_offer(struct wl_client *client, *p = strdup(mime_type); } if (p == NULL || *p == NULL) { + if (p) { + source->mime_types.size -= sizeof(*p); + } wl_resource_post_no_memory(resource); } } diff --git a/types/wlr_seat.c b/types/wlr_seat.c index 156ac142..2a79f784 100644 --- a/types/wlr_seat.c +++ b/types/wlr_seat.c @@ -876,6 +876,11 @@ void wlr_seat_keyboard_enter(struct wlr_seat *seat, wl_array_init(&keys); for (size_t i = 0; i < keyboard->num_keycodes; ++i) { uint32_t *p = wl_array_add(&keys, sizeof(uint32_t)); + if (!p) { + wlr_log(L_ERROR, "Cannot allocate memory, skipping keycode: %d\n", + keyboard->keycodes[i]); + continue; + } *p = keyboard->keycodes[i]; } uint32_t serial = wl_display_next_serial(seat->display); diff --git a/types/wlr_xdg_shell_v6.c b/types/wlr_xdg_shell_v6.c index ead5a73e..87dac3ff 100644 --- a/types/wlr_xdg_shell_v6.c +++ b/types/wlr_xdg_shell_v6.c @@ -922,19 +922,35 @@ static void wlr_xdg_toplevel_v6_send_configure( wl_array_init(&states); if (surface->toplevel_state->pending.maximized) { s = wl_array_add(&states, sizeof(uint32_t)); - *s = ZXDG_TOPLEVEL_V6_STATE_MAXIMIZED; + if (!s) { + wlr_log(L_ERROR, "Could not allocate state for maximized xdg_toplevel"); + } else { + *s = ZXDG_TOPLEVEL_V6_STATE_MAXIMIZED; + } } if (surface->toplevel_state->pending.fullscreen) { s = wl_array_add(&states, sizeof(uint32_t)); - *s = ZXDG_TOPLEVEL_V6_STATE_FULLSCREEN; + if (!s) { + wlr_log(L_ERROR, "Could not allocate state for fullscreen xdg_toplevel"); + } else { + *s = ZXDG_TOPLEVEL_V6_STATE_FULLSCREEN; + } } if (surface->toplevel_state->pending.resizing) { s = wl_array_add(&states, sizeof(uint32_t)); - *s = ZXDG_TOPLEVEL_V6_STATE_RESIZING; + if (!s) { + wlr_log(L_ERROR, "Could not allocate state for resizing xdg_toplevel"); + } else { + *s = ZXDG_TOPLEVEL_V6_STATE_RESIZING; + } } if (surface->toplevel_state->pending.activated) { s = wl_array_add(&states, sizeof(uint32_t)); - *s = ZXDG_TOPLEVEL_V6_STATE_ACTIVATED; + if (!s) { + wlr_log(L_ERROR, "Could not allocate state for activated xdg_toplevel"); + } else { + *s = ZXDG_TOPLEVEL_V6_STATE_ACTIVATED; + } } uint32_t width = surface->toplevel_state->pending.width; diff --git a/xwayland/selection.c b/xwayland/selection.c index 0d7f1588..280df583 100644 --- a/xwayland/selection.c +++ b/xwayland/selection.c @@ -55,6 +55,15 @@ static int xwm_read_data_source(int fd, uint32_t mask, void *data) { int current = selection->source_data.size; if (selection->source_data.size < incr_chunk_size) { p = wl_array_add(&selection->source_data, incr_chunk_size); + if (!p){ + wlr_log(L_ERROR, "Could not allocate selection source_data to read into, throwing away some input"); + /* if we just return now, we'll just be called + * again right away - force read something. + * 1K on stack is probably fine? */ + char junk[1024]; + read(fd, junk, sizeof(junk)); + return 1; + } } else { p = (char *) selection->source_data.data + selection->source_data.size; }