[Spice-devel] [PATCH spice] Fix crash when clearing surface memory
Christophe Fergeau
cfergeau at redhat.com
Thu Aug 7 01:37:55 PDT 2014
On Wed, Aug 06, 2014 at 06:58:42PM +0200, Marc-André Lureau wrote:
> The beginning of the surface data needs to be computed correctly if the
> stride is negative, otherwise, it should point already to the beginning
> of the surface data. This bug seems to exists since 4a208b (0.5.2)
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1029646
> ---
> server/red_worker.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/server/red_worker.c b/server/red_worker.c
> index 6bdad93..904e8fe 100644
> --- a/server/red_worker.c
> +++ b/server/red_worker.c
> @@ -9470,7 +9470,9 @@ static inline void red_create_surface(RedWorker *worker, uint32_t surface_id, ui
> surface->context.stride = stride;
> surface->context.line_0 = line_0;
> if (!data_is_valid) {
> - memset((char *)line_0 + (int32_t)(stride * (height - 1)), 0, height*abs(stride));
> + char *data = line_0;
> + data += stride < 0 ? (int32_t)(stride * (height - 1)) : 0;
I'd write this as
if (stride < 0) {
...
}
which matches how it's done in other functions. Maybe a comment or
writing this as data -= abs(stride)*.. would make this even more
readable?
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20140807/963a7339/attachment.sig>
More information about the Spice-devel
mailing list