randr: add BUG_* checks for possible NULL pointer issue

The ‘RRCrtcNotify() and RRCrtcSet() functions are exported, so there's chance
that a buggy driver could call them with NULL parameter, leading to segfault.
Those are hard to trace, so it's better having a BUG_* check here.

| ../randr/rrcrtc.c: In function ‘RRCrtcNotify’:
| ../randr/rrcrtc.c:187:5: warning: use of NULL ‘outputs’ where non-null expected [CWE-476] [-Wanalyzer-null-argument]
|   187 |     memcpy(crtc->outputs, outputs, numOutputs * sizeof(RROutputPtr));
|       |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

| ../randr/rrcrtc.c: In function ‘RRCrtcSet’:
| ../randr/rrcrtc.c:742:20: warning: dereference of NULL ‘outputs’ [CWE-476] [-Wanalyzer-null-dereference]
|   742 |         if (outputs[o]) {
|       |             ~~~~~~~^~~

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>

randr/rrcrtc.c

@@ -20,12 +20,16 @@
  * TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
  * OF THIS SOFTWARE.
  */
+#include <dix-config.h>
+
+#include <X11/Xatom.h>
+
+#include "os/bug_priv.h"
 
 #include "randrstr_priv.h"
 #include "swaprep.h"
 #include "mipointer.h"
 
-#include <X11/Xatom.h>
 
 RESTYPE RRCrtcType = 0;
 
@@ -181,10 +185,13 @@ RRCrtcNotify(RRCrtcPtr crtc,
         crtc->outputs = newoutputs;
         crtc->numOutputs = numOutputs;
     }
+
     /*
      * Copy the new list of outputs into the crtc
      */
+    BUG_RETURN_VAL(outputs == NULL, FALSE);
     memcpy(crtc->outputs, outputs, numOutputs * sizeof(RROutputPtr));
+
     /*
      * Update remaining crtc fields
      */
@@ -735,6 +742,8 @@ RRCrtcSet(RRCrtcPtr crtc,
     Bool crtcChanged;
     int  o;
 
+    BUG_RETURN_VAL(outputs == NULL, FALSE);
+
     rrScrPriv(pScreen);
 
     crtcChanged = FALSE;