Commit b9f48d60 authored by Jamey Sharp's avatar Jamey Sharp Committed by Keith Packard

Device init: Don't crash when CreateGC fails.

ActivateDevice was ignoring errors from DeviceCursorInitialize, so
cursor-related calls failed later. Jeremy Huddleston saw that crash in
miPointerConstrainCursor, while with Xvfb I saw it in
miSpriteRealizeCursor.

miDCDeviceCleanup frees any non-NULL GCs. miDCDeviceInitialize calls
Cleanup on any failure, but if it failed early then some of the pointers
in the miDCBufferPtr were garbage. Switch from malloc to calloc to
ensure everything's initialized safely first.

With these two fixes, if CreateGC fails then the server gracefully fails
in FatalError instead of segfaulting.
Signed-off-by: Jamey Sharp's avatarJamey Sharp <jamey@minilop.net>
Cc: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Peter Hutterer's avatarPeter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Keith Packard's avatarKeith Packard <keithp@keithp.com>
parent c5153496
......@@ -463,7 +463,8 @@ ActivateDevice(DeviceIntPtr dev, BOOL sendevent)
/* Initialize memory for sprites. */
if (IsMaster(dev) && dev->spriteInfo->spriteOwner)
pScreen->DeviceCursorInitialize(dev, pScreen);
if (!pScreen->DeviceCursorInitialize(dev, pScreen))
ret = BadAlloc;
SendDevicePresenceEvent(dev->id, DeviceAdded);
if (sendevent)
......
......@@ -742,7 +742,7 @@ miDCDeviceInitialize(DeviceIntPtr pDev, ScreenPtr pScreen)
{
pScreen = screenInfo.screens[i];
pBuffer = malloc(sizeof(miDCBufferRec));
pBuffer = calloc(1, sizeof(miDCBufferRec));
if (!pBuffer)
goto failure;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment