From 5be7451367901c13a697ecefcb634920cd156cb7 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Tue, 19 Apr 2011 18:53:22 -0700
Subject: Only free pContext once when AddResource fails in
 ProcRecordCreateContext

Since RecordDeleteContext frees its argument, don't fall through to free
it again.

Error: Double free (CWE 415)
   Double free of pointer 'malloc(1072)' defined by malloc
        at line 1964 of record/record.c in function 'ProcRecordCreateContext'.
          Previously freed at line 1960 with RecordDeleteContext.
          'malloc(1072)' was allocated at line 1926 with malloc.

[ This bug was found by the Parfait 0.3.7 bug checking tool.
  For more information see http://labs.oracle.com/projects/parfait/ ]

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
(cherry picked from commit dadb0791ebfd05cd3bb82d4addf0fbc21aad6fbb)
---
 record/record.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/record/record.c b/record/record.c
index facaebb02..f46675875 100644
--- a/record/record.c
+++ b/record/record.c
@@ -1956,7 +1956,7 @@ ProcRecordCreateContext(ClientPtr client)
     else
     {
 	RecordDeleteContext((pointer)pContext, pContext->id);
-	err = BadAlloc;
+	return BadAlloc;
     }
 bailout:
     free(pContext);
-- 
cgit v1.2.3