[PATCH] dix: fix crash on shutdown if a disabled device is still grabbed (XI1 grab)

Peter Hutterer peter.hutterer at who-t.net
Tue Oct 9 20:44:49 PDT 2012


A disabled device doesn't have a sprite (less so a sprite->win) and triggers
a NULL-pointer dereference on shutdown when all active grabs are released as
part of the cleanup.

Fix this by checking for sprite being non-null and setting the focus window
to the NullWindow if it is. The rest of the patch just attempts to make
things more readable.

Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
---
 dix/events.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/dix/events.c b/dix/events.c
index c0e330b..ddb5b34 100644
--- a/dix/events.c
+++ b/dix/events.c
@@ -1593,13 +1593,10 @@ DeactivateKeyboardGrab(DeviceIntPtr keybd)
 {
     GrabPtr grab = keybd->deviceGrab.grab;
     DeviceIntPtr dev;
-    WindowPtr focusWin = keybd->focus ? keybd->focus->win
-        : keybd->spriteInfo->sprite->win;
+    WindowPtr focusWin;
     Bool wasImplicit = (keybd->deviceGrab.fromPassiveGrab &&
                         keybd->deviceGrab.implicitGrab);
 
-    if (focusWin == FollowKeyboardWin)
-        focusWin = inputInfo.keyboard->focus->win;
     if (keybd->valuator)
         keybd->valuator->motionHintWindow = NullWindow;
     keybd->deviceGrab.grab = NullGrab;
@@ -1610,6 +1607,17 @@ DeactivateKeyboardGrab(DeviceIntPtr keybd)
         if (dev->deviceGrab.sync.other == grab)
             dev->deviceGrab.sync.other = NullGrab;
     }
+
+    if (keybd->focus)
+        focusWin = keybd->focus->win;
+    else if (keybd->spriteInfo->sprite)
+        focusWin = keybd->spriteInfo->sprite->win;
+    else
+        focusWin = NullWindow;
+
+    if (focusWin == FollowKeyboardWin)
+        focusWin = inputInfo.keyboard->focus->win;
+
     DoFocusEvents(keybd, grab->window, focusWin, NotifyUngrab);
 
     if (!wasImplicit && grab->grabtype == XI2)
-- 
1.7.11.4



More information about the xorg-devel mailing list