From 6c9f2ecc3254b3d71b1b0f7a502939cfdc7ed472 Mon Sep 17 00:00:00 2001
From: "Enrico Weigelt, metux IT consult"
Date: Wed, 7 May 2025 15:06:21 +0200
Subject: [PATCH] xfree86: int10: extra NULL protection

Even though chances are really low it's ever getting hit, it's still safer to have some sanity checks (which don't cost us much) than risking segfault.

Signed-off-by: Enrico Weigelt, metux IT consult
---
 hw/xfree86/int10/vbe.c | 3 ++-
 hw/xfree86/int10/vbeModes.c | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/hw/xfree86/int10/vbe.c b/hw/xfree86/int10/vbe.c
index 1c45b398e..2c4cc02fb 100644
--- a/hw/xfree86/int10/vbe.c
+++ b/hw/xfree86/int10/vbe.c
@@ -833,7 +833,8 @@ VBEVesaSaveRestore(vbeInfoPtr pVbe, vbeSaveRestorePtr vbe_sr,
 vbe_sr->stateMode = -1; /* invalidate */
 /* don't rely on the memory not being touched */
 if (vbe_sr->pstate == NULL)
- vbe_sr->pstate = malloc(vbe_sr->stateSize);
+ vbe_sr->pstate = calloc(1, vbe_sr->stateSize);
+ assert(vbe_sr->pstate);
 memcpy(vbe_sr->pstate, vbe_sr->state, vbe_sr->stateSize);
 }
 ErrorF("VBESaveRestore done with success\n");
diff --git a/hw/xfree86/int10/vbeModes.c b/hw/xfree86/int10/vbeModes.c
index 7c5d882fc..0d210635a 100644
--- a/hw/xfree86/int10/vbeModes.c
+++ b/hw/xfree86/int10/vbeModes.c
@@ -405,6 +405,8 @@ VBESetModeParameters(ScrnInfoPtr pScrn, vbeInfoPtr pVbe)
 "Attempting to use %dHz refresh for mode \"%s\" (%x)\n",
 (int) pMode->VRefresh, pMode->name, data->mode);
 data->block = calloc(1, sizeof(VbeCRTCInfoBlock));
+ if (!data->block)
+ continue;
 data->block->HorizontalTotal = best->HTotal;
 data->block->HorizontalSyncStart = best->HSyncStart;
 data->block->HorizontalSyncEnd = best->HSyncEnd;
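Review bot: The `assert(vbe_sr->pstate);` added after the allocation in VBEVesaSaveRestore is not a dependable NULL guard. When the server is built with NDEBUG the assert compiles to nothing and the `memcpy()` on the next line still writes through a NULL pointer, and in builds where it is active an allocation failure aborts the whole X server instead of failing this one save. An explicit check such as `if (vbe_sr->pstate == NULL) return FALSE;` would behave the same in every build; the function's return type and the rest of its body are outside the hunk, so confirm that a failure return fits there. The hunk also does not show whether vbe.c already includes `<assert.h>`.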
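Review bot: The new `if (!data->block) continue;` in VBESetModeParameters depends on loop structure that lies outside this hunk, so confirm that `continue` still reaches whatever advances `pMode` to the next mode. If that step sits at the end of the loop body, as it would in a do/while walk over a circular mode list, skipping it would either re-test the same mode or end the walk early. The failure is also silent, coming right after the log line that announces the refresh attempt. A short warning before the `continue`, for example `xf86DrvMsg(pScrn->scrnIndex, X_WARNING, "out of memory for CRTC info block\n");`, would make the skipped mode visible in the log.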