From 8c9909a99292b2fb4a86de694bb0029f61e35662 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Tue, 28 Feb 2017 14:27:52 +0100
Subject: [PATCH] xwayland: Make sure we have a focus window

During the InitInput() phase, the wayland events get dequeued so we
can possibly end up calling dispatch_pointer_motion_event().

If this occurs before xwl_seat->focus_window is set, it leads to a NULL
pointer derefence and a segfault.

Check for xwl_seat->focus_window in both pointer_handle_frame() and
relative_pointer_handle_relative_motion() prior to calling
dispatch_pointer_motion_event()  like it's done in
pointer_handle_motion().

Bugzilla: https://bugzilla.redhat.com/1410804
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
 hw/xwayland/xwayland-input.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c
index cc83ef868..2ca99d9b2 100644
--- a/hw/xwayland/xwayland-input.c
+++ b/hw/xwayland/xwayland-input.c
@@ -510,6 +510,9 @@ pointer_handle_frame(void *data, struct wl_pointer *wl_pointer)
 {
     struct xwl_seat *xwl_seat = data;
 
+    if (!xwl_seat->focus_window)
+        return;
+
     dispatch_pointer_motion_event(xwl_seat);
 }
 
@@ -560,6 +563,9 @@ relative_pointer_handle_relative_motion(void *data,
     xwl_seat->pending_pointer_event.dx_unaccel = wl_fixed_to_double(dx_unaccelf);
     xwl_seat->pending_pointer_event.dy_unaccel = wl_fixed_to_double(dy_unaccelf);
 
+    if (!xwl_seat->focus_window)
+        return;
+
     if (wl_proxy_get_version((struct wl_proxy *) xwl_seat->wl_pointer) < 5)
         dispatch_pointer_motion_event(xwl_seat);
 }