Bugs regarding the allocation of XResClientIdValue::value in ReadClientValues, which is used in XResQueryClientIds
This is about these two lines of code: https://gitlab.freedesktop.org/xorg/lib/libxres/-/blob/97d312e5fd9b4b97e3f50c899a40325768f246a5/src/XRes.c#L258-259
I think there isn't enough memory allocated for the _XRead32. If I understand that function correctly, while it reads the number of bytes specified, it returns/writes one long for every 32bit of data. On a 64bit system, a long is usually 8 bytes big. The memory allocated is only the number of bytes read, not the amount of space the long values would need. This causes twice as much memory to be overwritten as was allocated on a 64bit system.
Another thing which seems odd to me about this is that the memory is allocated there, and not in XResQueryClientIds as part of the memory allocated for the client_ids. Is the caller of XResQueryClientIds really supposed to free all these values by himself?
And the last thing I wonder about, why is XResClientIdValue::value of type void*, shouldn't it be of type
According to the spec here: https://www.x.org/releases/X11R7.7/doc/resourceproto/resproto.txt
client_ids: LISTofCLIENTIDVALUE and CLIENTIDVALUE [ spec: CLIENTIDSPEC length: CARD32 value: LISTofCARD32 ]
And I think CARD32 seems to usually be translated to a long in the library's other data structures?
(Closed previous identical issue 2 which I marked as confidential because no one responded to it in over a month and I can't unmark it anymore.)
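The sizing mismatch described in this report, as an added example that is not part of the original issue and is not libXres or Xlib code. All function names are hypothetical, and read32_into_longs is a stand-in that models _XRead32 only as the report describes it (one long stored per 32-bit word read).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the behaviour the report attributes to _XRead32:
 * consume nbytes of wire data and store one long per 32-bit word. */
static void read32_into_longs(const unsigned char *wire, long *dst, size_t nbytes)
{
    for (size_t i = 0; i < nbytes / 4; i++) {
        int32_t word;
        memcpy(&word, wire + 4 * i, sizeof word);
        dst[i] = word;
    }
}

/* Bytes written past a buffer sized to the wire length, as the report describes. */
size_t overrun_with_wire_sized_buffer(size_t nbytes)
{
    size_t written = (nbytes / 4) * sizeof(long);
    return written > nbytes ? written - nbytes : 0;
}

/* Size by element count; reject partial words and size_t overflow. */
int size_for_longs(size_t nbytes, size_t *out)
{
    size_t words = nbytes / 4;
    if (nbytes % 4 != 0 || words > SIZE_MAX / sizeof(long))
        return -1;
    *out = words * sizeof(long);
    return 0;
}

/* Read a LISTofCARD32 of nbytes into a long array with room for every element. */
long *read_card32_list(const unsigned char *wire, size_t nbytes, size_t *count)
{
    size_t size;
    long *values = size_for_longs(nbytes, &size) == 0 ? malloc(size ? size : 1) : NULL;
    if (values == NULL)
        return NULL;
    read32_into_longs(wire, values, nbytes);
    *count = nbytes / 4;
    return values;
}

int main(void)
{
    printf("overrun for 16 wire bytes: %zu\n", overrun_with_wire_sized_buffer(16));
}
```

On a platform where long is 8 bytes, 16 bytes of wire data need a 32-byte destination, so a 16-byte allocation is overrun by 16 bytes; where long is 4 bytes the two sizes coincide and the overrun is zero.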