~scoopta/wofi

3 2

[PATCH] Fix double free when both allow_markup and parse_search are enabled

Jonas Witschel
Details
Message ID
<96987b5cab9f5d3b9ffc.1587647741@tichy.localdomain>
DKIM signature
fail
Download raw message
DKIM signature: fail
# HG changeset patch
# User Jonas Witschel <diabonas@archlinux.org>
# Date 1587645842 -7200
#      Thu Apr 23 14:44:02 2020 +0200
# Node ID 96987b5cab9f5d3b9ffce08388ebc7bc9d10e730
# Parent  a574c2d2ebabc847da5ea80a372b4466350513a3
Fix double free when both allow_markup and parse_search are enabled

If out is not initialised, GLib will attempt to free the string automagically
later, leading to a crash. To reproduce, try running

wofi --define parse_search=true --define allow_markup=true --show dmenu,drun

diff -r a574c2d2ebab -r 96987b5cab9f src/wofi.c
--- a/src/wofi.c	Wed Apr 22 11:22:23 2020 +0200
+++ b/src/wofi.c	Thu Apr 23 14:44:02 2020 +0200
@@ -384,7 +384,7 @@
 			free(tmp);
 		}
 		if(allow_markup) {
-			char* out;
+			char* out = NULL;
 			pango_parse_markup(search_text, -1, 0, NULL, &out, NULL, NULL);
 			free(search_text);
 			search_text = out;
Scoopta
Details
Message ID
<55261927-9eca-d69f-6675-10e609533208@scoopta.email>
In-Reply-To
<96987b5cab9f5d3b9ffc.1587647741@tichy.localdomain> (view parent)
DKIM signature
fail
Download raw message
DKIM signature: fail
Hmm, I couldn't get it to crash for me but I'll take your word for it. I
pushed it
Jonas Witschel
Details
Message ID
<e8c23629-b00a-ae73-6b41-d3d8c48e9642@archlinux.org>
In-Reply-To
<55261927-9eca-d69f-6675-10e609533208@scoopta.email> (view parent)
DKIM signature
fail
Download raw message
DKIM signature: fail
On 2020-04-23 21:10, Scoopta wrote:
> Hmm, I couldn't get it to crash for me but I'll take your word for it. I
> pushed it

Thank you for applying the patch, and for your work on wofi in general!
I haven't investigated which desktop entry is causing the problem, maybe
it contains exotic or invalid syntax.

For reference, I am also able to reproduce this with the official wofi
1.1.2-2 Arch Linux package when deliberately using invalid pango markup
in dmenu mode, e.g.

echo '<b>' | \
wofi -c /dev/null -D allow_markup=true -D parse_search=true -d

Cheers,
Jonas
Scoopta
Details
Message ID
<be0a6f81-3d63-d134-6c77-d285ae8dcf38@scoopta.email>
In-Reply-To
<55261927-9eca-d69f-6675-10e609533208@scoopta.email> (view parent)
DKIM signature
fail
Download raw message
DKIM signature: fail
I wonder if it's due to different versions of pango because while I get
warnings in my terminal that still doesn't crash.
Reply to thread Export thread (mbox)