Missing boundary-checks in XkbApplyMappingChange?
Magnus.Vigerlof at home.se
Sat Nov 17 05:39:14 PST 2007
We (linuxwacom) got hit by a strange crash recently. As we want to be able to
map some of the buttons on the tablet to key-presses/-releases for simple
shortcuts we register a few keys with InitKeyClassDeviceStruct.
The driver has until now registered at most 32 keys (8-40) to be able to
report these, but with Xorg7.3 (and master) we've seen a crash by simply
running one of the following commands (and only when a wacom InputDevice is
$ xmodmap -e 'keysym Alt_L = Meta_L Alt_L'
$ xmodmap -e "keysym BackSpace = Delete"
The stacktrace that is printed is always the following:
0: /home/wigge/.Xorg/bin/Xorg(xf86SigHandler+0x79) [0x80c9229]
2: /home/wigge/.Xorg/bin/Xorg(XkbApplyMappingChange+0x1b9) [0x818da69]
3: /home/wigge/.Xorg/bin/Xorg(SendDeviceMappingNotify+0xe3) [0x8171ec3]
4: /home/wigge/.Xorg/bin/Xorg(ProcChangeKeyboardMapping+0x218) [0x8083af8]
5: /home/wigge/.Xorg/bin/Xorg [0x814eac3]
6: /home/wigge/.Xorg/bin/Xorg(Dispatch+0x2b3) [0x808bfa3]
7: /home/wigge/.Xorg/bin/Xorg(main+0x49a) [0x807307a]
8: /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xdc) [0xb7c4aebc]
9: /home/wigge/.Xorg/bin/Xorg(FontFileCompleteXLFD+0x225) [0x80723a1]
Fatal server error:
Caught signal 11. Server aborting
By changing the number of registered keys to 512 I got rid of the crash, but I
feel this is not the correct way of doing it.. I suspect a missing boundary
check in XkbApplyMappingChange here. Is it so, or are we not using the
interface in the correct way?
More information about the xorg