From 68c17477d29937e081c482a343a942d5bd41c4ee Mon Sep 17 00:00:00 2001 From: Peter Hutterer Date: Mon, 10 Feb 2025 10:49:24 +1000 Subject: [PATCH] mi: guard miPointer functions against NULL dereferences Already in place for some functions, let's add it to most others. The only function missing is miPointerSetPosition() which needs to return the ScreenPtr and that one is unclear if we don't have a screen - returning NULL will crash the caller(s) so let's wait for something to trigger this bug before we try to fix it wrongly. Related to #1782 Part-of: --- mi/mipointer.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/mi/mipointer.c b/mi/mipointer.c index c9fda954f..ae5fa6fad 100644 --- a/mi/mipointer.c +++ b/mi/mipointer.c @@ -208,6 +208,8 @@ miPointerDisplayCursor(DeviceIntPtr pDev, ScreenPtr pScreen, CursorPtr pCursor) return FALSE; pPointer = MIPOINTER(pDev); + if (!pPointer) + return FALSE; pPointer->pCursor = pCursor; pPointer->pScreen = pScreen; @@ -230,6 +232,8 @@ miPointerConstrainCursor(DeviceIntPtr pDev, ScreenPtr pScreen, BoxPtr pBox) miPointerPtr pPointer; pPointer = MIPOINTER(pDev); + if (!pPointer) + return; pPointer->limits = *pBox; pPointer->confined = PointerConfinedToScreen(pDev); @@ -281,6 +285,9 @@ miPointerSetCursorPosition(DeviceIntPtr pDev, ScreenPtr pScreen, SetupScreen(pScreen); miPointerPtr pPointer = MIPOINTER(pDev); + if (!pPointer) + return TRUE; + pPointer->generateEvent = generateEvent; if (pScreen->ConstrainCursorHarder) @@ -387,6 +394,8 @@ miPointerWarpCursor(DeviceIntPtr pDev, ScreenPtr pScreen, int x, int y) BOOL changedScreen = FALSE; pPointer = MIPOINTER(pDev); + if (!pPointer) + return; if (pPointer->pScreen != pScreen) { mieqSwitchScreen(pDev, pScreen, TRUE); @@ -512,6 +521,9 @@ miPointerInvalidateSprite(DeviceIntPtr pDev) miPointerPtr pPointer; pPointer = MIPOINTER(pDev); + if (!pPointer) + return; + pPointer->pSpriteCursor = (CursorPtr) 1; } 
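Review bot: The new `if (!pPointer)` guards, starting with the one in miPointerDisplayCursor and repeated in the ConstrainCursor, WarpCursor, InvalidateSprite, SetScreen and MoveNoEvent hunks, return without leaving any trace, so the state that previously crashed the server no longer shows up in the log. If a device without a miPointer record is unexpected (the commit message suggests it is a bug being tolerated), the server's existing assertion macros would keep it diagnosable, e.g. `BUG_RETURN_VAL(!pPointer, FALSE);` here and `BUG_RETURN(!pPointer);` in the void functions. If NULL is legitimate during device setup or teardown, a one-line comment such as `/* device has no miPointer private; nothing to update */` would tell the next reader why bailing out is safe. The function bodies start and end outside the hunks.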
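Review bot: In miPointerSetCursorPosition the new guard returns `TRUE`, which tells the caller the position was set although no pointer state was updated, whereas the equivalent guard in miPointerDisplayCursor returns `FALSE`. If TRUE is deliberate, for instance because the non-NULL path never reports failure (the rest of the body is outside the hunk), a comment should say so: `/* No pointer state to update; report success like the normal path. */`. Otherwise `return FALSE;` keeps the two guards consistent and lets callers notice that nothing happened.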
@@ -530,6 +542,8 @@ miPointerSetScreen(DeviceIntPtr pDev, int screen_no, int x, int y) miPointerPtr pPointer; pPointer = MIPOINTER(pDev); + if (!pPointer) + return; pScreen = screenInfo.screens[screen_no]; mieqSwitchScreen(pDev, pScreen, FALSE); @@ -574,6 +588,8 @@ miPointerMoveNoEvent(DeviceIntPtr pDev, ScreenPtr pScreen, int x, int y) SetupScreen(pScreen); pPointer = MIPOINTER(pDev); + if (!pPointer) + return; /* Hack: We mustn't call into ->MoveCursor for anything but the * VCP, as this may cause a non-HW rendered cursor to be rendered while
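Review bot: In miPointerSetScreen the context line `pScreen = screenInfo.screens[screen_no];` directly after the new guard indexes the screen array with `screen_no`, and nothing visible in the hunk validates that index. Since this commit hardens these entry points against bad state, the same early return could also cover an out-of-range index: `if (!pPointer || screen_no < 0 || screen_no >= screenInfo.numScreens) return;`. Callers may already guarantee the range, but they are outside the hunk, as is the rest of the function.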