From 169805e1dc8743b37b00e24cf3a5eb8748f733ad Mon Sep 17 00:00:00 2001 From: Alan Coopersmith Date: Sun, 6 Jul 2014 11:13:49 -0700 Subject: [PATCH] Fix validation of ctrls parameter to XkbGetPerClientControls() Nothing in the XKB spec states that the memory pointed to by ctrls has to be initialized to any given value when passed to the function, only that it is set by the function to the values returned by the X server: http://www.x.org/releases/X11R7.7/doc/libX11/XKB/xkblib.html#The_Miscellaneous_Per_client_Controls The check for the incoming value seems to be copied from XkbSetPerClientControls without explanation. Instead change it to checking if ctrls is non-NULL, since there's no point asking the X server to return a value the caller won't even see. Found while investigating report from cppcheck-1.65: [src/xkb/XKB.c:699] -> [src/xkb/XKB.c:719]: (warning) Possible null pointer dereference: ctrls - otherwise it is redundant to check it against null. Signed-off-by: Alan Coopersmith --- src/xkb/XKB.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/src/xkb/XKB.c b/src/xkb/XKB.c index 6413ba27..03a89d07 100644 --- a/src/xkb/XKB.c +++ b/src/xkb/XKB.c @@ -696,9 +696,7 @@ XkbGetPerClientControls(Display *dpy, unsigned *ctrls) if ((dpy->flags & XlibDisplayNoXkb) || (!dpy->xkb_info && !XkbUseExtension(dpy, NULL, NULL)) || - (*ctrls & ~(XkbPCF_GrabsUseXKBStateMask | - XkbPCF_LookupStateWhenGrabbed | - XkbPCF_SendEventUsesXKBState))) + (ctrls == NULL)) return False; LockDisplay(dpy); xkbi = dpy->xkb_info; @@ -716,10 +714,9 @@ XkbGetPerClientControls(Display *dpy, unsigned *ctrls) } UnlockDisplay(dpy); SyncHandle(); - if (ctrls) - *ctrls = (rep.value & (XkbPCF_GrabsUseXKBStateMask | - XkbPCF_LookupStateWhenGrabbed | - XkbPCF_SendEventUsesXKBState)); + *ctrls = (rep.value & (XkbPCF_GrabsUseXKBStateMask | + XkbPCF_LookupStateWhenGrabbed | + XkbPCF_SendEventUsesXKBState)); return (True); }