From d2560e1b87cb45cefc467e760b21f24e0470095f Mon Sep 17 00:00:00 2001
From: orbisai0security <orbisai0security@users.noreply.github.com>
Date: Thu, 26 Mar 2026 04:08:00 +0000
Subject: [PATCH] fix: remove unsafe exec() in display_task.c

Display buffer allocation error handling frees buf1 and buf2 pointers but does not set them to NULL
Resolves V-002
---
 firmware/esp32-csi-node/main/display_task.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/firmware/esp32-csi-node/main/display_task.c b/firmware/esp32-csi-node/main/display_task.c
index 85a04b883..9d834edc5 100644
--- a/firmware/esp32-csi-node/main/display_task.c
+++ b/firmware/esp32-csi-node/main/display_task.c
@@ -118,8 +118,14 @@ esp_err_t display_task_start(void)
     if (!buf1 || !buf2) {
         ESP_LOGE(TAG, "Failed to allocate LVGL buffers (%u bytes, caps=0x%lx)",
                  (unsigned)buf_size, (unsigned long)alloc_caps);
-        if (buf1) free(buf1);
-        if (buf2) free(buf2);
+        if (buf1) {
+            free(buf1);
+            buf1 = NULL;
+        }
+        if (buf2) {
+            free(buf2);
+            buf2 = NULL;
+        }
         return ESP_OK;
     }
     ESP_LOGI(TAG, "LVGL buffers: 2x %u bytes (%u lines, %s)",