[Qemu-devel] [STABLE] [PATCH] VNC: Fix memory allocation (wrong structure size).

[Qemu-devel] [STABLE] [PATCH] VNC: Fix memory allocation (wrong structure size).

[Stefan Weil]

Pointer vs addresses a VncDisplay structure,
so it is sufficient to allocate sizeof(VncDisplay)
or sizeof(*vs) bytes instead of the much larger
sizeof(VncState).

Maybe the misleading name should be fixed, too:
the code contains many places where vs is used,
sometimes it is a VncState *, sometimes it is a
VncDisplay *. vd would be a better name.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
---
 vnc.c |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/vnc.c b/vnc.c
index 3f5d622..41defc2 100644
--- a/vnc.c
+++ b/vnc.c
@@ -2033,9 +2033,8 @@ static void vnc_listen_read(void *opaque)

 void vnc_display_init(DisplayState *ds)
 {
-    VncDisplay *vs;
+    VncDisplay *vs = qemu_mallocz(sizeof(*vs));

-    vs = qemu_mallocz(sizeof(VncState));
     dcl = qemu_mallocz(sizeof(DisplayChangeListener));

     ds->opaque = vs;
--
1.5.6.5

Re: [Qemu-devel] [STABLE] [PATCH] VNC: Fix memory allocation (wrong structure size).

[Stefan Weil]

[-- Attachment #1: Type: text/plain, Size: 1047 bytes --]

Stefan Weil schrieb:
> Pointer vs addresses a VncDisplay structure,
> so it is sufficient to allocate sizeof(VncDisplay)
> or sizeof(*vs) bytes instead of the much larger
> sizeof(VncState).
>
> Maybe the misleading name should be fixed, too:
> the code contains many places where vs is used,
> sometimes it is a VncState *, sometimes it is a
> VncDisplay *. vd would be a better name.
>
> Signed-off-by: Stefan Weil <weil@mail.berlios.de>
> ---
>  vnc.c |    3 +--
>  1 files changed, 1 insertions(+), 2 deletions(-)
>
> diff --git a/vnc.c b/vnc.c
> index 3f5d622..41defc2 100644
> --- a/vnc.c
> +++ b/vnc.c
> @@ -2033,9 +2033,8 @@ static void vnc_listen_read(void *opaque)
>
>  void vnc_display_init(DisplayState *ds)
>  {
> -    VncDisplay *vs;
> +    VncDisplay *vs = qemu_mallocz(sizeof(*vs));
>
> -    vs = qemu_mallocz(sizeof(VncState));
>      dcl = qemu_mallocz(sizeof(DisplayChangeListener));
>
>      ds->opaque = vs;
> --
> 1.5.6.5
>
>
>   

The patch above was whitespace broken.
The appended patch will work.

Regards,

Stefan Weil


[-- Attachment #2: 0003-VNC-Fix-memory-allocation-wrong-structure-size.patch --]
[-- Type: text/x-diff, Size: 1090 bytes --]

>From 1bcb958ac2127f96a8c3ee7fefa341f7296e48ba Mon Sep 17 00:00:00 2001
From: Stefan Weil <weil@mail.berlios.de>
Date: Sun, 24 May 2009 22:25:44 +0200
Subject: [PATCH] VNC: Fix memory allocation (wrong structure size).

Pointer vs addresses a VncDisplay structure,
so it is sufficient to allocate sizeof(VncDisplay)
or sizeof(*vs) bytes instead of the much larger
sizeof(VncState).

Maybe the misleading name should be fixed, too:
the code contains many places where vs is used,
sometimes it is a VncState *, sometimes it is a
VncDisplay *. vd would be a better name.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
---
 vnc.c |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/vnc.c b/vnc.c
index 3f5d622..41defc2 100644
--- a/vnc.c
+++ b/vnc.c
@@ -2033,9 +2033,8 @@ static void vnc_listen_read(void *opaque)
 
 void vnc_display_init(DisplayState *ds)
 {
-    VncDisplay *vs;
+    VncDisplay *vs = qemu_mallocz(sizeof(*vs));
 
-    vs = qemu_mallocz(sizeof(VncState));
     dcl = qemu_mallocz(sizeof(DisplayChangeListener));
 
     ds->opaque = vs;
-- 
1.5.6.5