[PATCH] Skip damage calls if DamageCreate fails in exa functions
Alan Coopersmith
alan.coopersmith at oracle.com
Tue Sep 3 10:35:18 PDT 2013
Fixes parfait errors such as:
Null pointer dereference (CWE 476): Write to null pointer pDamage
at line 1833 of miext/damage/damage.c in function 'DamageRegister'.
Function DamageCreate may return constant 'NULL' at line 1775,
called at line 232 of exa/exa_migration_mixed.c
in function 'exaPrepareAccessReg_mixed'.
Constant 'NULL' passed into function DamageRegister,
argument pDamage, from call at line 237.
Null pointer introduced at line 1775 of miext/damage/damage.c
in function 'DamageCreate'.
Null pointer dereference (CWE 476): Write to null pointer pDamage
at line 1833 of miext/damage/damage.c in function 'DamageRegister'.
Function DamageCreate may return constant 'NULL' at line 1775,
called at line 104 of exa/exa_mixed.c
in function 'exaCreatePixmap_mixed'.
Constant 'NULL' passed into function DamageRegister,
argument pDamage, from call at line 109.
Null pointer introduced at line 1775 of miext/damage/damage.c
in function 'DamageCreate'.
Checks are similar to handling results of other calls to DamageCreate.
[ This bug was found by the Parfait 1.3.0 bug checking tool.
http://labs.oracle.com/pls/apex/f?p=labs:49:::::P49_PROJECT_ID:13 ]
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
---
exa/exa_migration_mixed.c | 11 +++++++----
exa/exa_mixed.c | 11 +++++++----
2 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/exa/exa_migration_mixed.c b/exa/exa_migration_mixed.c
index 445c4fc..5519dc1 100644
--- a/exa/exa_migration_mixed.c
+++ b/exa/exa_migration_mixed.c
@@ -234,10 +234,13 @@ exaPrepareAccessReg_mixed(PixmapPtr pPixmap, int index, RegionPtr pReg)
pPixmap->drawable.pScreen,
pPixmap);
- DamageRegister(&pPixmap->drawable, pExaPixmap->pDamage);
- /* This ensures that pending damage reflects the current operation. */
- /* This is used by exa to optimize migration. */
- DamageSetReportAfterOp(pExaPixmap->pDamage, TRUE);
+ if (pExaPixmap->pDamage) {
+ DamageRegister(&pPixmap->drawable, pExaPixmap->pDamage);
+ /* This ensures that pending damage reflects the current
+ * operation. This is used by exa to optimize migration.
+ */
+ DamageSetReportAfterOp(pExaPixmap->pDamage, TRUE);
+ }
if (has_gpu_copy) {
exaPixmapDirty(pPixmap, 0, 0, pPixmap->drawable.width,
diff --git a/exa/exa_mixed.c b/exa/exa_mixed.c
index 0fb4091..1ffb1a5 100644
--- a/exa/exa_mixed.c
+++ b/exa/exa_mixed.c
@@ -106,10 +106,13 @@ exaCreatePixmap_mixed(ScreenPtr pScreen, int w, int h, int depth,
pPixmap->drawable.pScreen,
pPixmap);
- DamageRegister(&pPixmap->drawable, pExaPixmap->pDamage);
- /* This ensures that pending damage reflects the current operation. */
- /* This is used by exa to optimize migration. */
- DamageSetReportAfterOp(pExaPixmap->pDamage, TRUE);
+ if (pExaPixmap->pDamage) {
+ DamageRegister(&pPixmap->drawable, pExaPixmap->pDamage);
+ /* This ensures that pending damage reflects the current
+ * operation. This is used by exa to optimize migration.
+ */
+ DamageSetReportAfterOp(pExaPixmap->pDamage, TRUE);
+ }
}
}
--
1.7.9.2
More information about the xorg-devel
mailing list