From 3f31cce8af9b622f32f4f4e275d7078ea127630e Mon Sep 17 00:00:00 2001
From: "Enrico Weigelt, metux IT consult" <info@metux.net>
Date: Tue, 6 May 2025 13:02:17 +0200
Subject: [PATCH] (!1967) dix: protect doPolyText() from potential NULL
 dereference

There's a (theoretical) chance that origGC might be NULL, so better
be cautious and check for this - doesn't cost us much, probably just
another JZ instruction.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
---
 dix/dixfonts.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dix/dixfonts.c b/dix/dixfonts.c
index dd617d99c..d8a451cb6 100644
--- a/dix/dixfonts.c
+++ b/dix/dixfonts.c
@@ -1317,7 +1317,7 @@ doPolyText(ClientPtr client, PTclosurePtr c)
 
     if (client_state == START_SLEEP) {
         /* Step 4 */
-        if (pFont != origGC->font) {
+        if (origGC && (pFont != origGC->font)) {
             ChangeGCVal val;
 
             val.ptr = pFont;