[PATCH] xf86: return NULL for xf86CompatOutput if config->compat_output is -1

Aaron Plattner aplattner at nvidia.com
Fri Mar 15 15:28:20 PDT 2013


If there is no compat output, config->compat_output is -1 and xf86CompatOutput
reads before the beginning of the outputs array.

 Invalid read of size 8
    at 0x4DB892: xf86CompatOutput (xf86Crtc.h:734)
    by 0x4E285D: xf86OutputSetEDID (xf86Crtc.c:2986)
    by 0x862200F: intel_output_attach_edid (intel_display.c:895)
    by 0x86222A5: intel_output_get_modes (intel_display.c:955)
    by 0x4DF296: xf86ProbeOutputModes (xf86Crtc.c:1586)
    by 0x4E1349: xf86InitialConfiguration (xf86Crtc.c:2380)
    by 0x8623F72: intel_mode_pre_init (intel_display.c:1788)
    by 0x8626088: I830PreInit (intel_driver.c:625)
    by 0x49873B: InitOutput (xf86Init.c:606)
    by 0x4257B8: main (main.c:204)
  Address 0x7955d88 is 8 bytes before a block of size 16 alloc'd
    at 0x4C2C25E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    by 0x4DCD54: xf86OutputCreate (xf86Crtc.c:621)
    by 0x862322F: intel_output_init (intel_display.c:1416)
    by 0x8623F22: intel_mode_pre_init (intel_display.c:1780)
    by 0x8626088: I830PreInit (intel_driver.c:625)
    by 0x49873B: InitOutput (xf86Init.c:606)
    by 0x4257B8: main (main.c:204)

Signed-off-by: Aaron Plattner <aplattner at nvidia.com>
---
 hw/xfree86/modes/xf86Crtc.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/xfree86/modes/xf86Crtc.h b/hw/xfree86/modes/xf86Crtc.h
index 802303f..1ac8485 100644
--- a/hw/xfree86/modes/xf86Crtc.h
+++ b/hw/xfree86/modes/xf86Crtc.h
@@ -731,6 +731,8 @@ xf86CompatOutput(ScrnInfoPtr pScrn)
 {
     xf86CrtcConfigPtr config = XF86_CRTC_CONFIG_PTR(pScrn);
 
+    if (config->compat_output < 0)
+        return NULL;
     return config->output[config->compat_output];
 }
 
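Review bot: The early `return NULL` added ahead of `return config->output[config->compat_output];` changes what xf86CompatOutput can hand back, and nothing in this hunk shows the callers being prepared for it. The trace in the commit message reaches this function from xf86OutputSetEDID (xf86Crtc.c:2986); if that caller uses the result without a check, the invalid read only turns into a NULL dereference, so the callers should be audited or updated in the same series. A one-line comment above the `if (config->compat_output < 0)` test saying that a negative value means "no compat output" and that NULL is returned in that case would document the new contract. The test also guards only the lower bound: the index is still used without being compared against the size of the output array.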
-- 
1.8.2


