[PATCH] Check for NULL pointer from pixman_image_create_bits()
Soeren Sandmann
sandmann at cs.au.dk
Mon Feb 7 02:15:24 PST 2011
Bryce Harrington <bryce at canonical.com> writes:
> pixman_image_create_bits() can return NULL under a variety of
> circumstances. If this happens, it will segfault when dereferenced in
> pixman_image_set_accessors().
>
> http://bugs.freedesktop.org/show_bug.cgi?id=28882
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596155
> https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/705078
>
> Signed-off-by: Bryce Harrington <bryce at canonical.com>
> ---
> fb/fbpict.c | 3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
> diff --git a/fb/fbpict.c b/fb/fbpict.c
> index 7636040..79b462b 100644
> --- a/fb/fbpict.c
> +++ b/fb/fbpict.c
> @@ -163,7 +163,8 @@ create_bits_picture (PicturePtr pict,
> pict->format,
> pixmap->drawable.width, pixmap->drawable.height,
> (uint32_t *)bits, stride * sizeof (FbStride));
> -
> + if (!image)
> + return NULL;
This patch is correct, I believe, so
Reviewed-by: Soren Sandmann <ssp at redhat.com<
However, I don't think it fixes the underlying bug since it's very
likely that pixman_image_create_bits() returned NULL because it was
passed incorrect parameters.
Soren
More information about the xorg-devel
mailing list