render: avoid NULL pointer dereference if PictureFindVisual returns NULL

Found by Oracle Parfait 13.3:
   Null pointer dereference [null-pointer-deref]:
      Read from null pointer pVisual
        at line 257 of dix/colormap.c in function 'CreateColormap'.
          Null pointer introduced at line 412 of render/picture.c in
	   function 'PictureFindVisual'.
          Constant 'NULL' passed into function CreateColormap, argument
	   pVisual, from call at line 431 in function
	   'PictureInitIndexedFormat'.
          Function PictureFindVisual may return constant 'NULL' at
	   line 412, called at line 429.

Fixes: d4a101d4e ("Integration of DAMAGE-XFIXES branch to trunk")
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1730>
This commit is contained in:
Alan Coopersmith 2024-10-12 16:38:55 -07:00 committed by Marge Bot
parent d10589cc09
commit 7af077dd2f

View File

@ -429,6 +429,9 @@ PictureInitIndexedFormat(ScreenPtr pScreen, PictFormatPtr format)
else { else {
VisualPtr pVisual = PictureFindVisual(pScreen, format->index.vid); VisualPtr pVisual = PictureFindVisual(pScreen, format->index.vid);
if (pVisual == NULL)
return FALSE;
if (CreateColormap(FakeClientID(0), pScreen, pVisual, if (CreateColormap(FakeClientID(0), pScreen, pVisual,
&format->index.pColormap, AllocNone, 0) &format->index.pColormap, AllocNone, 0)
!= Success) != Success)