Skip to content

Fix memory leaks in _synctex_decode_string

Nil Admirari requested to merge (removed):synctex_memory_leak into master

The top issue reported by code quality scanner (Critical - Common realloc mistake: 'string' nulled but not freed upon failure (CWE-401); look at any recent pull request e.g. !1061 (closed))

  1. realloc does not free the previous string when returning NULL.
  2. The code after realloc can go to more_characters, which may return an error without freeing the string.

The bigger question is: why Okular maintains its own copy of synctex? Why not simply include https://github.com/jlaurens/synctex as a Git submodule? Patches in core/synctex/patches/ can be upstreamed (if they are still relevant).

Merge request reports

Loading