    Fixed crash on invalid reply (CVE-2018-14598). · e8372276
    Tobias Stoeckmann authored and Matthieu Herrb committed
    
    
    If the server sends a reply in which even the first string would
    overflow the transmitted bytes, list[0] (or flist[0]) will be set to
    NULL and a count of 0 is returned.
    
    If the resulting list is freed with XFreeExtensionList or
    XFreeFontPath later on, the first Xfree call:
    
        Xfree (list[0]-1)
     turns into
        Xfree (NULL-1)
    
    which will most likely trigger a segmentation fault.
    
    I have modified the code to return NULL if the first string would
    overflow, thus protecting the freeing functions later on.
    
    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
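The following is an added illustration, not libX11's code: it models the length-prefixed string-list unpacking the commit message describes, the `list[0]-1` freeing convention of XFreeExtensionList/XFreeFontPath, and the fix (returning NULL when the first string would overflow the reply). The function names, the `fixed` switch and the constructed reply bytes are this example's own.

```c
/* Model of the length-prefixed string-list unpacking the commit describes
 * and of its fix. Names and layout are this example's own, not libX11's. */
#include <stdlib.h>
#include <string.h>

/* Unpack nitems length-prefixed strings from an rlen-byte reply body.
 * Each list[i] points one byte past its length byte, so list[0]-1 is the
 * start of the character buffer; fixed == 0 reproduces the pre-patch code. */
static char **unpack_list(const unsigned char *reply, size_t rlen,
                          int nitems, int *count, int fixed)
{
    char **list, *ch, *chstart, *chend;
    int i, length;

    *count = 0;
    if (nitems <= 0) return NULL;
    list = malloc((size_t)nitems * sizeof(char *));
    ch = malloc(rlen + 1);
    if (!list || !ch) { free(list); free(ch); return NULL; }
    memcpy(ch, reply, rlen);            /* stands in for _XReadPad */
    ch[rlen] = '\0';
    chstart = ch;
    chend = ch + (rlen + 1);
    length = (unsigned char)*ch;
    for (i = 0; i < nitems; i++) {
        if (ch + length < chend) {
            list[i] = ch + 1;           /* skip over the length byte */
            ch += length + 1;           /* find the next length byte */
            length = (unsigned char)*ch;
            *ch = '\0';                 /* NUL-terminate the string just read */
            (*count)++;
        } else if (fixed && i == 0) {
            /* First string would overflow: drop both buffers and return NULL
             * so free_list() below never sees list[0] == NULL. */
            free(list);
            free(chstart);
            return NULL;
        } else {
            list[i] = NULL;             /* pre-fix: with i == 0 this is the bug */
        }
    }
    return list;
}

/* Mirrors XFreeExtensionList/XFreeFontPath: the character buffer is freed
 * through list[0]-1, which is why list[0] == NULL becomes free((char *)-1). */
static void free_list(char **list)
{
    if (list) { free(list[0] - 1); free(list); }
}
```

With `fixed` set, a reply whose first length byte exceeds the bytes received yields NULL and a count of 0, so callers that unconditionally free the result stay safe.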