From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1M8KO9-0008M7-CI
	for qemu-devel@nongnu.org; Sun, 24 May 2009 16:33:45 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1M8KO4-0008Dr-Er
	for qemu-devel@nongnu.org; Sun, 24 May 2009 16:33:44 -0400
Received: from [199.232.76.173] (port=59228 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1M8KO4-0008Da-7h
	for qemu-devel@nongnu.org; Sun, 24 May 2009 16:33:40 -0400
Received: from moutng.kundenserver.de ([212.227.126.177]:59002)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <weil@mail.berlios.de>) id 1M8KO3-0000Ia-Kk
	for qemu-devel@nongnu.org; Sun, 24 May 2009 16:33:40 -0400
Received: from localhost ([127.0.0.1] ident=stefan)
	by flocke.weilnetz.de with esmtp (Exim 4.69)
	(envelope-from <weil@mail.berlios.de>) id 1M8KO1-0003LI-2l
	for qemu-devel@nongnu.org; Sun, 24 May 2009 22:33:37 +0200
Message-ID: <4A19AF1E.5030201@mail.berlios.de>
Date: Sun, 24 May 2009 22:33:34 +0200
From: Stefan Weil <weil@mail.berlios.de>
MIME-Version: 1.0
Subject: [Qemu-devel] [STABLE] [PATCH] VNC: Fix memory allocation (wrong
	structure size).
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: QEMU Developers <qemu-devel@nongnu.org>

Pointer vs addresses a VncDisplay structure,
so it is sufficient to allocate sizeof(VncDisplay)
or sizeof(*vs) bytes instead of the much larger
sizeof(VncState).

Maybe the misleading name should be fixed, too:
the code contains many places where vs is used,
sometimes it is a VncState *, sometimes it is a
VncDisplay *. vd would be a better name.

Signed-off-by: Stefan Weil <weil@mail.berlios.de>
---
 vnc.c |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/vnc.c b/vnc.c
index 3f5d622..41defc2 100644
--- a/vnc.c
+++ b/vnc.c
@@ -2033,9 +2033,8 @@ static void vnc_listen_read(void *opaque)

 void vnc_display_init(DisplayState *ds)
 {
-    VncDisplay *vs;
+    VncDisplay *vs = qemu_mallocz(sizeof(*vs));

-    vs = qemu_mallocz(sizeof(VncState));
     dcl = qemu_mallocz(sizeof(DisplayChangeListener));

     ds->opaque = vs;
--
1.5.6.5