It looks good to me.
in svn.
but it missed a same "beyond boundary" case for the arrary in
edje_externals/elm_photocam.c
I modified it also.
Thank you.
------------------------------------
Let's run together for the best moment!
-Regards, Hermet-
-----Original Message-----
From: "Rajeev Ranjan"<rajee...@samsung.com>
To: enlightenment-devel@lists.sourceforge.net
Cc: "Rajeev Ranjan"<rajee...@samsung.com>
Sent: 11-09-22(목) 11:16:28
Subject: [E-devel] [Patch] Some memory issue fixes for elementary
Hi all,
I found few memory related issues in elementary package when performed static
analysis on it.
These issues include:
Array indices getting out of bounds, freed memory address being passed to a
function as parameter, memory not getting cleaned up because of earlier return
statement.
Issues details:
1. In elm_widget.c inside function elm_widget_signal_callback_del(), it is
possible that freed memory address esd is passed to the
sd->callback_del_func(). I think it should be data, not esd.
Moreover what if the callback frees memory for data, then the other problem is
that the return value is data from the function
elm_widget_signal_callback_del() which in my opinion can be a problem.
2. Inside directory src/edje_externals for files elm_genlist.c, elm_notify.c,
elm_list.c, elm_thumb.c and elm_map.c, array indices can go beyound bounary.
sizeof() operator for an array of character pointers will return [number of
elements in the array * size of (char*)], basically 4 times the number of
elements which has been taken care in assertion inside src/edje_extenarnals
while performing assertion but has been missed in the next statement in the
loop condition.
3. In file src/lib/elm_config.c inside function _elm_config_profiles_list,
freeing of file iterator has been missed out.
Please review the attached patch and let me know your opinion.
Thanks.
Regards,
Rajeev
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1_______________________________________________
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2dcopy2
_______________________________________________
enlightenment-devel mailing list
enlightenment-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
