[PATCH] Device init: Don't crash when CreateGC fails.

Peter Hutterer peter.hutterer at who-t.net
Sun May 23 16:23:16 PDT 2010


On Wed, May 19, 2010 at 10:44:33AM -0700, Jamey Sharp wrote:
> ActivateDevice was ignoring errors from DeviceCursorInitialize, so
> cursor-related calls failed later. Jeremy Huddleston saw that crash in
> miPointerConstrainCursor, while with Xvfb I saw it in
> miSpriteRealizeCursor.
> 
> miDCDeviceCleanup frees any non-NULL GCs. miDCDeviceInitialize calls
> Cleanup on any failure, but if it failed early then some of the pointers
> in the miDCBufferPtr were garbage. Switch from malloc to calloc to
> ensure everything's initialized safely first.
> 
> With these two fixes, if CreateGC fails then the server gracefully fails
> in FatalError instead of segfaulting.
> 
> Signed-off-by: Jamey Sharp <jamey at minilop.net>
> Cc: Peter Hutterer <peter.hutterer at who-t.net>
> ---
> I'm glad I waited for your review, Peter. :-) Is this what you wanted?
> If so, would you Cc Keith when you provide your reviewed-by tag? Thanks!
> 
>  dix/devices.c  |    3 ++-
>  mi/midispcur.c |    2 +-
>  2 files changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/dix/devices.c b/dix/devices.c
> index de72c88..b03f0fe 100644
> --- a/dix/devices.c
> +++ b/dix/devices.c
> @@ -467,7 +467,8 @@ ActivateDevice(DeviceIntPtr dev, BOOL sendevent)
>  
>      /* Initialize memory for sprites. */
>      if (IsMaster(dev) && dev->spriteInfo->spriteOwner)
> -        pScreen->DeviceCursorInitialize(dev, pScreen);
> +        if (!pScreen->DeviceCursorInitialize(dev, pScreen))
> +            ret = BadAlloc;
>  
>      SendDevicePresenceEvent(dev->id, DeviceAdded);
>      if (sendevent)
> diff --git a/mi/midispcur.c b/mi/midispcur.c
> index 1acc469..4de37d7 100644
> --- a/mi/midispcur.c
> +++ b/mi/midispcur.c
> @@ -780,7 +780,7 @@ miDCDeviceInitialize(DeviceIntPtr pDev, ScreenPtr pScreen)
>      {
>          pScreen = screenInfo.screens[i];
>  
> -        pBuffer = malloc(sizeof(miDCBufferRec));
> +        pBuffer = calloc(1, sizeof(miDCBufferRec));
>          if (!pBuffer)
>              goto failure;
>  
> -- 
> 1.7.0

Reviewed-by: Peter Hutterer <peter.hutterer at who-t.net>

Cheers,
  Peter


More information about the xorg-devel mailing list