[Spice-devel] [linux-agent v3 2/4] x11-randr: Improve argument check

[Victor Toso]

From: Victor Toso <me at victortoso.com>

In the current code, output should never be negative but the check
exists after we use the variable as index. Make the check earlier.

This patch also breaks the check in two in order to provide more
accurate error log.

Found by coverity:
  | check_after_sink: You might be using variable "output" before
  | verifying that it is >= 0.

Changes in v2:
- Move overflow check before accessing the arrays (Frediano)

Changes in v3:
- Move the whole check before accessing the arrays.
- Improve commit log.

Signed-off-by: Victor Toso <victortoso at redhat.com>
---
 src/vdagent/x11-randr.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/vdagent/x11-randr.c b/src/vdagent/x11-randr.c
index c8e42c9..3a1eaac 100644
--- a/src/vdagent/x11-randr.c
+++ b/src/vdagent/x11-randr.c
@@ -347,14 +347,20 @@ static int xrandr_add_and_set(struct vdagent_x11 *x11, int output, int x, int y,
     int xid;
     Status s;
     RROutput outputs[1];
-    int old_width  = x11->randr.monitor_sizes[output].width;
-    int old_height = x11->randr.monitor_sizes[output].height;
+    int old_width;
+    int old_height;
 
-    if (!x11->randr.res || output >= x11->randr.res->noutput || output < 0) {
-        syslog(LOG_ERR, "%s: program error: missing RANDR or bad output",
-               __FUNCTION__);
+    if (!x11->randr.res) {
+        syslog(LOG_ERR, "%s: program error: missing RANDR", __FUNCTION__);
+        return 0;
+    } else if (output < 0 || output >= x11->randr.res->noutput) {
+        syslog(LOG_ERR, "%s: program error: bad output", __FUNCTION__);
         return 0;
     }
+
+    old_width  = x11->randr.monitor_sizes[output].width;
+    old_height = x11->randr.monitor_sizes[output].height;
+
     if (x11->set_crtc_config_not_functional) {
         /* fail, set_best_mode will find something close. */
         return 0;
-- 
2.19.2