[PATCH] Device init: Don't crash when CreateGC fails.

Jamey Sharp jamey at minilop.net
Wed May 19 10:44:33 PDT 2010


ActivateDevice was ignoring errors from DeviceCursorInitialize, so
cursor-related calls failed later. Jeremy Huddleston saw that crash in
miPointerConstrainCursor, while with Xvfb I saw it in
miSpriteRealizeCursor.

miDCDeviceCleanup frees any non-NULL GCs. miDCDeviceInitialize calls
Cleanup on any failure, but if it failed early then some of the pointers
in the miDCBufferPtr were garbage. Switch from malloc to calloc to
ensure everything's initialized safely first.

With these two fixes, if CreateGC fails then the server gracefully fails
in FatalError instead of segfaulting.

Signed-off-by: Jamey Sharp <jamey at minilop.net>
Cc: Peter Hutterer <peter.hutterer at who-t.net>
---
I'm glad I waited for your review, Peter. :-) Is this what you wanted?
If so, would you Cc Keith when you provide your reviewed-by tag? Thanks!

 dix/devices.c  |    3 ++-
 mi/midispcur.c |    2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/dix/devices.c b/dix/devices.c
index de72c88..b03f0fe 100644
--- a/dix/devices.c
+++ b/dix/devices.c
@@ -467,7 +467,8 @@ ActivateDevice(DeviceIntPtr dev, BOOL sendevent)
 
     /* Initialize memory for sprites. */
     if (IsMaster(dev) && dev->spriteInfo->spriteOwner)
-        pScreen->DeviceCursorInitialize(dev, pScreen);
+        if (!pScreen->DeviceCursorInitialize(dev, pScreen))
+            ret = BadAlloc;
 
     SendDevicePresenceEvent(dev->id, DeviceAdded);
     if (sendevent)
diff --git a/mi/midispcur.c b/mi/midispcur.c
index 1acc469..4de37d7 100644
--- a/mi/midispcur.c
+++ b/mi/midispcur.c
@@ -780,7 +780,7 @@ miDCDeviceInitialize(DeviceIntPtr pDev, ScreenPtr pScreen)
     {
         pScreen = screenInfo.screens[i];
 
-        pBuffer = malloc(sizeof(miDCBufferRec));
+        pBuffer = calloc(1, sizeof(miDCBufferRec));
         if (!pBuffer)
             goto failure;
 
-- 
1.7.0



More information about the xorg-devel mailing list