From cbe06b48e42d0c4bb4e4ad36d8d791bc7917a53a Mon Sep 17 00:00:00 2001
From: Sam Lantinga <slouken@libsdl.org>
Date: Wed, 17 Apr 2013 01:35:10 -0700
Subject: [PATCH] Fixed bug 1804 - Memory leak issue in
 src/video/x11/SDL_x11mouse.c

Nitz

In SDL_x11mouse.c file there is function named
static Cursor
X11_CreatePixmapCursor(SDL_Surface * surface, int hot_x, int hot_y)
{
  // Some code

  data_bits = SDL_calloc(1, surface->h * width_bytes);
  mask_bits = SDL_calloc(1, surface->h * width_bytes);
  if (!data_bits || !mask_bits) {
     SDL_OutOfMemory();
     return None;
  }

 // Some code

}

Here is the problem in if statement,
suppose if !data_bits is false and !mask_bits is true then,
data_bits will go out of scope and leaks the memory it points to.

Solution is that data_bits and mask_bits should be checked separately, not by using OR operator.
---
 src/video/x11/SDL_x11mouse.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/video/x11/SDL_x11mouse.c b/src/video/x11/SDL_x11mouse.c
index 52e1cce2a..1d021b7b6 100644
--- a/src/video/x11/SDL_x11mouse.c
+++ b/src/video/x11/SDL_x11mouse.c
@@ -129,8 +129,14 @@ X11_CreatePixmapCursor(SDL_Surface * surface, int hot_x, int hot_y)
     unsigned int width_bytes = ((surface->w + 7) & ~7) / 8;
 
     data_bits = SDL_calloc(1, surface->h * width_bytes);
+    if (!data_bits) {
+        SDL_OutOfMemory();
+        return None;
+    }
+
     mask_bits = SDL_calloc(1, surface->h * width_bytes);
-    if (!data_bits || !mask_bits) {
+    if (!mask_bits) {
+        SDL_free(data_bits);
         SDL_OutOfMemory();
         return None;
     }