From b9f48d60bc0c839bd323c582231e8e7e2b810af6 Mon Sep 17 00:00:00 2001 From: Jamey Sharp Date: Wed, 19 May 2010 10:44:33 -0700 Subject: [PATCH] Device init: Don't crash when CreateGC fails. ActivateDevice was ignoring errors from DeviceCursorInitialize, so cursor-related calls failed later. Jeremy Huddleston saw that crash in miPointerConstrainCursor, while with Xvfb I saw it in miSpriteRealizeCursor. miDCDeviceCleanup frees any non-NULL GCs. miDCDeviceInitialize calls Cleanup on any failure, but if it failed early then some of the pointers in the miDCBufferPtr were garbage. Switch from malloc to calloc to ensure everything's initialized safely first. With these two fixes, if CreateGC fails then the server gracefully fails in FatalError instead of segfaulting. Signed-off-by: Jamey Sharp Cc: Peter Hutterer Reviewed-by: Peter Hutterer Signed-off-by: Keith Packard --- dix/devices.c | 3 ++- mi/midispcur.c | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/dix/devices.c b/dix/devices.c index ab8c3f9db..cf23bc6d0 100644 --- a/dix/devices.c +++ b/dix/devices.c @@ -463,7 +463,8 @@ ActivateDevice(DeviceIntPtr dev, BOOL sendevent) /* Initialize memory for sprites. */ if (IsMaster(dev) && dev->spriteInfo->spriteOwner) - pScreen->DeviceCursorInitialize(dev, pScreen); + if (!pScreen->DeviceCursorInitialize(dev, pScreen)) + ret = BadAlloc; SendDevicePresenceEvent(dev->id, DeviceAdded); if (sendevent) diff --git a/mi/midispcur.c b/mi/midispcur.c index 61e313305..16495e45f 100644 --- a/mi/midispcur.c +++ b/mi/midispcur.c @@ -742,7 +742,7 @@ miDCDeviceInitialize(DeviceIntPtr pDev, ScreenPtr pScreen) { pScreen = screenInfo.screens[i]; - pBuffer = malloc(sizeof(miDCBufferRec)); + pBuffer = calloc(1, sizeof(miDCBufferRec)); if (!pBuffer) goto failure;