[PATCH] render: fix crash on creation of animated cursors
Michel Dänzer
michel at daenzer.net
Mon May 4 07:04:51 PDT 2009
On Sat, 2009-05-02 at 10:08 +0100, Magnus Kessler wrote:
> With commit 57aff88c7d0761e590806d07bee1c9410680c89f the server crashes in
> AnimCursorCreate (animcursor.c:393) when creating an animated cursor. The
> underlying cause is that only cursors[1] is ever initialised in
> ProcRenderCreateAnimCursor (render.c:1860)
>
> Signed-off-by: Magnus Kessler <Magnus.Kessler at gmx.net>
>
> diff --git a/render/render.c b/render/render.c
> index 8487b60..5622994 100644
> --- a/render/render.c
> +++ b/render/render.c
> @@ -1857,7 +1857,7 @@ ProcRenderCreateAnimCursor (ClientPtr client)
> elt = (xAnimCursorElt *) (stuff + 1);
> for (i = 0; i < ncursor; i++)
> {
> - ret = dixLookupResourceByType((pointer *)(cursors + 1), elt->cursor,
> + ret = dixLookupResourceByType((pointer *)(cursors + i), elt->cursor,
> RT_CURSOR, client, DixReadAccess);
I didn't see this before I made and pushed the same fix, sorry.
--
Earthling Michel Dänzer | http://www.vmware.com
Libre software enthusiast | Debian, X and DRI developer
More information about the xorg-devel
mailing list