[PATCH 1/4] dix: fix crash when removing devices on a buttonless MD pointer (#29669)
Peter Hutterer
peter.hutterer at who-t.net
Tue Aug 31 22:24:03 PDT 2010
If the master does not have a button class, recalculating the number of
buttons required for this master dereferences a NULL pointer. Guard against
this, if the master pointer doesn't have a button class, it doesn't need to
update it's number of buttons.
Reproducible:
Two devices on the same master, device NB with axes but no buttons, device
A+B with axes and button .
If NB was the last one to send an event through the master when A+B is
removed from the server, master->button is NULL and leads to the above
NULL-pointer dereference.
X.Org Bug 29669 <http://bugs.freedesktop.org/show_bug.cgi?id=29669>
Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
---
dix/devices.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/dix/devices.c b/dix/devices.c
index 2e65a04..0bd9b75 100644
--- a/dix/devices.c
+++ b/dix/devices.c
@@ -2336,7 +2336,7 @@ RecalculateMasterButtons(DeviceIntPtr slave)
maxbuttons = max(maxbuttons, dev->button->numButtons);
}
- if (master->button->numButtons != maxbuttons)
+ if (master->button && master->button->numButtons != maxbuttons)
{
int i;
DeviceChangedEvent event;
--
1.7.2.2
More information about the xorg-devel
mailing list