frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xfree86: int10: extra NULL protection 

Even though chances are really low it's ever getting hit, it's still safer
to have some sanity checks (which don't cost us much) than risking segfault.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This commit is contained in:
Enrico Weigelt, metux IT consult 2025-05-07 15:06:21 +02:00
parent cd143176fc
commit 67e8f54a60
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
hw/xfree86/int10/vbe.c
View File

@ -834,8 +834,6 @@ VBESetGetPaletteData(vbeInfoPtr pVbe, Bool set, int first, int num,
VBEpmi * VBEpmi *
VBEGetVBEpmi(vbeInfoPtr pVbe) VBEGetVBEpmi(vbeInfoPtr pVbe)
{ {
VBEpmi *pmi;
/* /*
Input: Input:
AH := 4Fh Super VGA support AH := 4Fh Super VGA support
@ -859,7 +857,10 @@ VBEGetVBEpmi(vbeInfoPtr pVbe)
if (R16(pVbe->pInt10->ax) != 0x4f) if (R16(pVbe->pInt10->ax) != 0x4f)
return NULL; return NULL;
pmi = malloc(sizeof(VBEpmi)); VBEpmi *pmi = calloc(1, sizeof(VBEpmi));
if (!pmi)
return NULL;
pmi->seg_tbl = R16(pVbe->pInt10->es); pmi->seg_tbl = R16(pVbe->pInt10->es);
pmi->tbl_off = R16(pVbe->pInt10->di); pmi->tbl_off = R16(pVbe->pInt10->di);
pmi->tbl_len = R16(pVbe->pInt10->cx); pmi->tbl_len = R16(pVbe->pInt10->cx);
@ -936,7 +937,8 @@ VBEVesaSaveRestore(vbeInfoPtr pVbe, vbeSaveRestorePtr vbe_sr,
vbe_sr->stateMode = -1; /* invalidate */ vbe_sr->stateMode = -1; /* invalidate */
/* don't rely on the memory not being touched */ /* don't rely on the memory not being touched */
if (vbe_sr->pstate == NULL) if (vbe_sr->pstate == NULL)
vbe_sr->pstate = malloc(vbe_sr->stateSize); vbe_sr->pstate = calloc(1, vbe_sr->stateSize);
assert(vbe_sr->pstate);
memcpy(vbe_sr->pstate, vbe_sr->state, vbe_sr->stateSize); memcpy(vbe_sr->pstate, vbe_sr->state, vbe_sr->stateSize);
} }
ErrorF("VBESaveRestore done with success\n"); ErrorF("VBESaveRestore done with success\n");

2
hw/xfree86/int10/vbeModes.c
View File

@ -405,6 +405,8 @@ VBESetModeParameters(ScrnInfoPtr pScrn, vbeInfoPtr pVbe)
"Attempting to use %dHz refresh for mode \"%s\" (%x)\n", "Attempting to use %dHz refresh for mode \"%s\" (%x)\n",
(int) pMode->VRefresh, pMode->name, data->mode); (int) pMode->VRefresh, pMode->name, data->mode);
data->block = calloc(1, sizeof(VbeCRTCInfoBlock)); data->block = calloc(1, sizeof(VbeCRTCInfoBlock));
if (!data->block)
continue;
data->block->HorizontalTotal = best->HTotal; data->block->HorizontalTotal = best->HTotal;
data->block->HorizontalSyncStart = best->HSyncStart; data->block->HorizontalSyncStart = best->HSyncStart;
data->block->HorizontalSyncEnd = best->HSyncEnd; data->block->HorizontalSyncEnd = best->HSyncEnd;