[PATCH weston 3/3] xwm: Test hash_table_lookup() returns

Derek Foreman derekf at osg.samsung.com
Tue Apr 7 10:12:15 PDT 2015 

Make sure we always test hash_table_lookup()s return to prevent trying to
dereference a NULL window.

Signed-off-by: Derek Foreman <derekf at osg.samsung.com>
---
 xwayland/window-manager.c | 103 +++++++++++++++++++++++++++++++++-------------
 1 file changed, 74 insertions(+), 29 deletions(-)

diff --git a/xwayland/window-manager.c b/xwayland/window-manager.c
index 3967670..9388d2e 100644
--- a/xwayland/window-manager.c
+++ b/xwayland/window-manager.c
@@ -446,10 +446,16 @@ weston_wm_window_read_properties(struct weston_wm_window *window)
 				strndup(xcb_get_property_value(reply),
 					xcb_get_property_value_length(reply));
 			break;
-		case XCB_ATOM_WINDOW:
+		case XCB_ATOM_WINDOW: {
+			int found;
 			xid = xcb_get_property_value(reply);
-			hash_table_lookup(wm->window_hash, *xid, (struct weston_wm_window **)p);
+			found = hash_table_lookup(wm->window_hash, *xid,
+					      (struct weston_wm_window **)p);
+			if (!found)
+				weston_log("XCB_ATOM_WINDOW contains window"
+					   " id not found in hash table.\n");
 			break;
+		}
 		case XCB_ATOM_CARDINAL:
 		case XCB_ATOM_ATOM:
 			atom = xcb_get_property_value(reply);
@@ -586,14 +592,18 @@ weston_wm_handle_configure_request(struct weston_wm *wm, xcb_generic_event_t *ev
 		(xcb_configure_request_event_t *) event;
 	struct weston_wm_window *window;
 	uint32_t mask, values[16];
-	int x, y, width, height, i = 0;
+	int x, y, width, height, i = 0, found;
 
 	wm_log("XCB_CONFIGURE_REQUEST (window %d) %d,%d @ %dx%d\n",
 	       configure_request->window,
 	       configure_request->x, configure_request->y,
 	       configure_request->width, configure_request->height);
 
-	hash_table_lookup(wm->window_hash, configure_request->window, &window);
+	found = hash_table_lookup(wm->window_hash,
+				  configure_request->window,
+				  &window);
+	if (!found)
+		return;
 
 	if (window->fullscreen) {
 		weston_wm_window_send_configure_notify(window);
@@ -650,6 +660,8 @@ our_resource(struct weston_wm *wm, uint32_t id)
 static void
 weston_wm_handle_configure_notify(struct weston_wm *wm, xcb_generic_event_t *event)
 {
+	int found;
+
 	xcb_configure_notify_event_t *configure_notify = 
 		(xcb_configure_notify_event_t *) event;
 	struct weston_wm_window *window;
@@ -659,7 +671,12 @@ weston_wm_handle_configure_notify(struct weston_wm *wm, xcb_generic_event_t *eve
 	       configure_notify->x, configure_notify->y,
 	       configure_notify->width, configure_notify->height);
 
-	hash_table_lookup(wm->window_hash, configure_notify->window, &window);
+	found = hash_table_lookup(wm->window_hash,
+				  configure_notify->window,
+				  &window);
+	if (!found)
+		return;
+
 	window->x = configure_notify->x;
 	window->y = configure_notify->y;
 	if (window->override_redirect) {
@@ -924,6 +941,7 @@ weston_wm_handle_map_request(struct weston_wm *wm, xcb_generic_event_t *event)
 	xcb_map_request_event_t *map_request =
 		(xcb_map_request_event_t *) event;
 	struct weston_wm_window *window;
+	int found;
 
 	if (our_resource(wm, map_request->window)) {
 		wm_log("XCB_MAP_REQUEST (window %d, ours)\n",
@@ -931,7 +949,11 @@ weston_wm_handle_map_request(struct weston_wm *wm, xcb_generic_event_t *event)
 		return;
 	}
 
-	hash_table_lookup(wm->window_hash, map_request->window, &window);
+	found = hash_table_lookup(wm->window_hash,
+				  map_request->window,
+				  &window);
+	if (!found)
+		return;
 
 	weston_wm_window_read_properties(window);
 
@@ -969,6 +991,7 @@ weston_wm_handle_unmap_notify(struct weston_wm *wm, xcb_generic_event_t *event)
 	xcb_unmap_notify_event_t *unmap_notify =
 		(xcb_unmap_notify_event_t *) event;
 	struct weston_wm_window *window;
+	int found;
 
 	wm_log("XCB_UNMAP_NOTIFY (window %d, event %d%s)\n",
 	       unmap_notify->window,
@@ -983,7 +1006,12 @@ weston_wm_handle_unmap_notify(struct weston_wm *wm, xcb_generic_event_t *event)
 		 * as it may come in after we've destroyed the window. */
 		return;
 
-	hash_table_lookup(wm->window_hash, unmap_notify->window, &window);
+	found = hash_table_lookup(wm->window_hash,
+				  unmap_notify->window,
+				  &window);
+	if (!found)
+		return;
+
 	if (wm->focus_window == window)
 		wm->focus_window = NULL;
 	if (window->surface)
@@ -1111,9 +1139,12 @@ weston_wm_handle_property_notify(struct weston_wm *wm, xcb_generic_event_t *even
 	xcb_property_notify_event_t *property_notify =
 		(xcb_property_notify_event_t *) event;
 	struct weston_wm_window *window;
+	int found;
 
-	hash_table_lookup(wm->window_hash, property_notify->window, &window);
-	if (!window)
+	found = hash_table_lookup(wm->window_hash,
+				  property_notify->window,
+				  &window);
+	if (!found)
 		return;
 
 	window->properties_dirty = 1;
@@ -1222,6 +1253,7 @@ weston_wm_handle_destroy_notify(struct weston_wm *wm, xcb_generic_event_t *event
 	xcb_destroy_notify_event_t *destroy_notify =
 		(xcb_destroy_notify_event_t *) event;
 	struct weston_wm_window *window;
+	int found;
 
 	wm_log("XCB_DESTROY_NOTIFY, win %d, event %d%s\n",
 	       destroy_notify->window,
@@ -1231,7 +1263,12 @@ weston_wm_handle_destroy_notify(struct weston_wm *wm, xcb_generic_event_t *event
 	if (our_resource(wm, destroy_notify->window))
 		return;
 
-	hash_table_lookup(wm->window_hash, destroy_notify->window, &window);
+	found = hash_table_lookup(wm->window_hash,
+				  destroy_notify->window,
+				  &window);
+	if (!found)
+		return;
+
 	weston_wm_window_destroy(window);
 }
 
@@ -1241,6 +1278,7 @@ weston_wm_handle_reparent_notify(struct weston_wm *wm, xcb_generic_event_t *even
 	xcb_reparent_notify_event_t *reparent_notify =
 		(xcb_reparent_notify_event_t *) event;
 	struct weston_wm_window *window;
+	int found;
 
 	wm_log("XCB_REPARENT_NOTIFY (window %d, parent %d, event %d)\n",
 	       reparent_notify->window,
@@ -1252,8 +1290,12 @@ weston_wm_handle_reparent_notify(struct weston_wm *wm, xcb_generic_event_t *even
 					reparent_notify->x, reparent_notify->y,
 					reparent_notify->override_redirect);
 	} else if (!our_resource(wm, reparent_notify->parent)) {
-		hash_table_lookup(wm->window_hash,
-				  reparent_notify->window, &window);
+		found = hash_table_lookup(wm->window_hash,
+					  reparent_notify->window,
+					  &window);
+		if (!found)
+			return;
+
 		weston_wm_window_destroy(window);
 	}
 }
@@ -1490,8 +1532,13 @@ weston_wm_handle_client_message(struct weston_wm *wm,
 	xcb_client_message_event_t *client_message =
 		(xcb_client_message_event_t *) event;
 	struct weston_wm_window *window;
+	int found;
 
-	hash_table_lookup(wm->window_hash, client_message->window, &window);
+	found = hash_table_lookup(wm->window_hash,
+				  client_message->window,
+				  &window);
+	if (!found)
+		return;
 
 	wm_log("XCB_CLIENT_MESSAGE (%s %d %d %d %d %d win %d)\n",
 	       get_atom_name(wm->conn, client_message->type),
@@ -1502,12 +1549,6 @@ weston_wm_handle_client_message(struct weston_wm *wm,
 	       client_message->data.data32[4],
 	       client_message->window);
 
-	/* The window may get created and destroyed before we actually
-	 * handle the message.  If it doesn't exist, bail.
-	 */
-	if (!window)
-		return;
-
 	if (client_message->type == wm->atom.net_wm_moveresize)
 		weston_wm_window_handle_moveresize(window, client_message);
 	else if (client_message->type == wm->atom.net_wm_state)
@@ -1716,13 +1757,16 @@ weston_wm_handle_button(struct weston_wm *wm, xcb_generic_event_t *event)
 	enum theme_location location;
 	enum frame_button_state button_state;
 	uint32_t button_id;
+	int found;
 
 	wm_log("XCB_BUTTON_%s (detail %d)\n",
 	       button->response_type == XCB_BUTTON_PRESS ?
 	       "PRESS" : "RELEASE", button->detail);
 
-	hash_table_lookup(wm->window_hash, button->event, &window);
-	if (!window || !window->decorate)
+	found = hash_table_lookup(wm->window_hash,
+				  button->event,
+				  &window);
+	if (!found || !window->decorate)
 		return;
 
 	if (button->detail != 1 && button->detail != 2)
@@ -1783,10 +1827,10 @@ weston_wm_handle_motion(struct weston_wm *wm, xcb_generic_event_t *event)
 	xcb_motion_notify_event_t *motion = (xcb_motion_notify_event_t *) event;
 	struct weston_wm_window *window;
 	enum theme_location location;
-	int cursor;
+	int cursor, found;
 
-	hash_table_lookup(wm->window_hash, motion->event, &window);
-	if (!window || !window->decorate)
+	found = hash_table_lookup(wm->window_hash, motion->event, &window);
+	if (!found || !window->decorate)
 		return;
 
 	location = frame_pointer_motion(window->frame, NULL,
@@ -1804,10 +1848,10 @@ weston_wm_handle_enter(struct weston_wm *wm, xcb_generic_event_t *event)
 	xcb_enter_notify_event_t *enter = (xcb_enter_notify_event_t *) event;
 	struct weston_wm_window *window;
 	enum theme_location location;
-	int cursor;
+	int cursor, found;
 
-	hash_table_lookup(wm->window_hash, enter->event, &window);
-	if (!window || !window->decorate)
+	found = hash_table_lookup(wm->window_hash, enter->event, &window);
+	if (!found || !window->decorate)
 		return;
 
 	location = frame_pointer_enter(window->frame, NULL,
@@ -1824,9 +1868,10 @@ weston_wm_handle_leave(struct weston_wm *wm, xcb_generic_event_t *event)
 {
 	xcb_leave_notify_event_t *leave = (xcb_leave_notify_event_t *) event;
 	struct weston_wm_window *window;
+	int found;
 
-	hash_table_lookup(wm->window_hash, leave->event, &window);
-	if (!window || !window->decorate)
+	found = hash_table_lookup(wm->window_hash, leave->event, &window);
+	if (!found || !window->decorate)
 		return;
 
 	frame_pointer_leave(window->frame, NULL);
-- 
2.1.4

More information about the wayland-devel mailing list