If offscreen was not passed to fd_open the resulting offscreenbuf member was a dangling pointer and the free() call in fd_close would result in undefined behaviour. Signed-off-by: Daniel Mierswa <d.mierswa@xxxxxxxxx> --- commands/splash.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/commands/splash.c b/commands/splash.c index 4cc463e..75c7074 100644 --- a/commands/splash.c +++ b/commands/splash.c @@ -59,6 +59,14 @@ static int do_splash(int argc, char *argv[]) return 1; } + /* + * sc.offscreenbuf is dangling here, if no offscreen buffer was + * requested, so set it to NULL otherwise the free in fd_close + * will cause undefined behaviour + */ + if (!offscreen) + sc.offscreenbuf = NULL; + if (sc.offscreenbuf) { if (do_bg) memset_pixel(&info, sc.offscreenbuf, bg_color, -- 1.8.1 _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox
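Review bot: The `sc.offscreenbuf = NULL` assignment added in do_splash(), after the error return, fixes only this one caller. According to the commit message, fd_open leaves the member unset when offscreen is not passed, so any other fd_open caller that later reaches fd_close would hit the same free() on an indeterminate pointer. Consider setting offscreenbuf to NULL inside fd_open itself when no offscreen buffer is requested, or zero-initializing sc where it is declared, so the rule "offscreenbuf is NULL or a valid allocation" is established at the source rather than patched up afterwards. The new assignment also sits below the `return 1;` path, so it is worth confirming that no earlier exit calls fd_close with the member still unset. A smaller wording point: the pointer is uninitialized rather than dangling, since it never referred to an object that was freed, and the added comment could say so.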