On Fri, Jul 08, 2011 at 12:17:30PM +0200, Christophe Fergeau wrote:
There is a double free in client/x11/platform.cpp.
In get_selection(), in the exit: case with ret_val == -1 and data != NULL,
*data_ret (which is returned to the caller) has already been
assigned data, so it will be pointing
There is a double free in client/x11/platform.cpp.
In get_selection(), in the exit: case with ret_val == -1 and data != NULL,
*data_ret (which is returned to the caller) has already been
assigned data, so it will be pointing to freed memory when data is
XFree'd'. Then in handle_selection_notify,
