From 869d37721425d219c50962b694c3326407d1d2e6 Mon Sep 17 00:00:00 2001 From: Jamey Sharp Date: Wed, 19 May 2010 10:44:33 -0700 Subject: [PATCH] Device init: Don't crash when CreateGC fails. ActivateDevice was ignoring errors from DeviceCursorInitialize, so cursor-related calls failed later. Jeremy Huddleston saw that crash in miPointerConstrainCursor, while with Xvfb I saw it in miSpriteRealizeCursor. miDCDeviceCleanup frees any non-NULL GCs. miDCDeviceInitialize calls Cleanup on any failure, but if it failed early then some of the pointers in the miDCBufferPtr were garbage. Switch from malloc to calloc to ensure everything's initialized safely first. With these two fixes, if CreateGC fails then the server gracefully fails in FatalError instead of segfaulting. Signed-off-by: Jamey Sharp Cc: Peter Hutterer Reviewed-by: Peter Hutterer Signed-off-by: Keith Packard (cherry-picked from commit b9f48d60bc0c839bd323c582231e8e7e2b810af6) --- dix/devices.c | 3 ++- mi/midispcur.c | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/dix/devices.c b/dix/devices.c index 32e067bca..042f12ffa 100644 --- a/dix/devices.c +++ b/dix/devices.c @@ -474,7 +474,8 @@ ActivateDevice(DeviceIntPtr dev, BOOL sendevent) /* Initialize memory for sprites. */ if (IsMaster(dev) && dev->spriteInfo->spriteOwner) - pScreen->DeviceCursorInitialize(dev, pScreen); + if (!pScreen->DeviceCursorInitialize(dev, pScreen)) + ret = BadAlloc; SendDevicePresenceEvent(dev->id, DeviceAdded); if (sendevent) diff --git a/mi/midispcur.c b/mi/midispcur.c index 904163091..54a6787a4 100644 --- a/mi/midispcur.c +++ b/mi/midispcur.c @@ -780,7 +780,7 @@ miDCDeviceInitialize(DeviceIntPtr pDev, ScreenPtr pScreen) { pScreen = screenInfo.screens[i]; - pBuffer = xalloc(sizeof(miDCBufferRec)); + pBuffer = xcalloc(1, sizeof(miDCBufferRec)); if (!pBuffer) goto failure;