[PATCH] xfixes: don't dereference a NULL cursor
Jeremy Huddleston
jeremyhu at apple.com
Tue Nov 29 23:38:54 PST 2011
Reviewed-by: Jeremy Huddleston <jeremyhu at apple.com>
On Nov 29, 2011, at 3:11 PM, Peter Hutterer wrote:
> If the new cursor is the NULL cursor, don't dereference it and use zeros
> instead.
>
> Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
> ---
> Not sure when this broke given that most of this code hasn't changed in
> ages. Reproducible segfault with
> xinput create-master "foo"
> xinput remove-master "foo pointer"
> When the master pointer is removed, CursorDisplayCursor is called with the
> NullCursor, causing a NULL-pointer dereference.
>
> xfixes/cursor.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/xfixes/cursor.c b/xfixes/cursor.c
> index 2950e45..53f9f20 100644
> --- a/xfixes/cursor.c
> +++ b/xfixes/cursor.c
> @@ -179,9 +179,9 @@ CursorDisplayCursor (DeviceIntPtr pDev,
> ev.type = XFixesEventBase + XFixesCursorNotify;
> ev.subtype = XFixesDisplayCursorNotify;
> ev.window = e->pWindow->drawable.id;
> - ev.cursorSerial = pCursor->serialNumber;
> + ev.cursorSerial = pCursor ? pCursor->serialNumber : 0;
> ev.timestamp = currentTime.milliseconds;
> - ev.name = pCursor->name;
> + ev.name = pCursor ? pCursor->name : None;
> WriteEventsToClient (e->pClient, 1, (xEvent *) &ev);
> }
> }
> --
> 1.7.7.1
>
> _______________________________________________
> xorg-devel at lists.x.org: X.Org development
> Archives: http://lists.x.org/archives/xorg-devel
> Info: http://lists.x.org/mailman/listinfo/xorg-devel
>
More information about the xorg-devel
mailing list