Bug 25785 - libSM: uninitialized / previously buffered data sent in list/array padding
Summary: libSM: uninitialized / previously buffered data sent in list/array padding
Alias: None
Product: xorg
Classification: Unclassified
Component: Lib/other (show other bugs)
Version: unspecified
Hardware: Other All
: medium normal
Assignee: Xorg Project Team
QA Contact: Xorg Project Team
Whiteboard: 2011BRB_Reviewed
Keywords: patch
Depends on:
Reported: 2009-12-23 17:56 UTC by David Baron
Modified: 2018-06-12 19:08 UTC (History)
1 user (show)

See Also:
i915 platform:
i915 features:

patch (1.24 KB, patch)
2009-12-23 17:56 UTC, David Baron
no flags Details | Splinter Review

Description David Baron 2009-12-23 17:56:10 UTC
Created attachment 32267 [details] [review]

As I mentioned in bug 17644 comment 2, I was investigating the same problem described in bug 17644 (since I was using a libSM lacking the fix there), and came up with an alternative fix that I think *might* be preferable.  Since attaching a patch on a closed bug probably isn't the best way to get it seen, I'm attaching it to an open bug in case you also prefer this approach.

The patch in bug 17644 zero-fills the scratch buffer when allocating it.  After that point, the buffer is reused multiple times, so effectively-uninitialized data (i.e., from the previous use of the scratch buffer) is still being used and sent over sockets.

In any case, here's an alternative patch that stores zeros when adding padding instead of just skipping space.
Comment 1 Jeremy Huddleston Sequoia 2011-10-09 02:46:26 UTC
Could you please send your patch to xorg-devel for review?
Comment 3 Adam Jackson 2018-06-12 19:08:04 UTC
Mass closure: This bug has been untouched for more than six years, and is not
obviously still valid. Please reopen this bug or file a new report if you continue to experience issues with current releases.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.