Multiple functions in the Xinput extension handling of requests from
clients failed to check that the length of the request sent by the
client was large enough to perform all the required operations and
thus could read or write to memory outside the bounds of the request
buffer.
This commit includes the creation of a new REQUEST_AT_LEAST_EXTRA_SIZE
macro in include/dix.h for the common case of needing to ensure a
request is large enough to include both the request itself and a
minimum amount of extra data following the request header.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 73c63afb93)
Signed-off-by: Julien Cristau <jcristau@debian.org>
ProcDbeSwapBuffers() has a 32bit (n) length value that it uses to read
from a buffer. The length is never validated, which can lead to out of
bound reads, and possibly returning the data read from out of bounds to
the misbehaving client via an X Error packet.
SProcDbeSwapBuffers() swaps data (for correct endianness) before
handing it off to the real proc. While doing the swapping, the
length field is not validated, which can cause memory corruption.
v2: reorder checks to avoid compilers optimizing out checks for overflow
that happen after we'd already have done the overflowing multiplications.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 2ef42519c4)
Signed-off-by: Julien Cristau <jcristau@debian.org>
ProcDRI2GetBuffers() tries to validate a length field (count).
There is an integer overflow in the validation. This can cause
out of bound reads and memory corruption later on.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Julien Cristau <jcristau@debian.org>
(cherry picked from commit 6692670fde)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Force use of 64-bit integers when evaluating data provided by clients
in 32-bit fields which can overflow when added or multiplied during
checks.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit e0e1164462)
Signed-off-by: Julien Cristau <jcristau@debian.org>
RegionSizeof contains several integer overflows if a large length
value is passed in. Once we fix it to return 0 on overflow, we
also have to fix the callers to handle this error condition
v2: Fixed limit calculation in RegionSizeof as pointed out by jcristau.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Julien Cristau <jcristau@debian.org>
(cherry picked from commit 97015a07b9)
Signed-off-by: Julien Cristau <jcristau@debian.org>
GetHosts() iterates over all the hosts it has in memory, and copies
them to a buffer. The buffer length is calculated by iterating over
all the hosts and adding up all of their combined length. There is a
potential integer overflow, if there are lots and lots of hosts (with
a combined length of > ~4 gig). This should be possible by repeatedly
calling ProcChangeHosts() on 64bit machines with enough memory.
This patch caps the list at 1mb, because multi-megabyte hostname
lists for X access control are insane.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit bc8e20430b)
Signed-off-by: Julien Cristau <jcristau@debian.org>
ProcPutImage() calculates a length field from a width, left pad and depth
specified by the client (if the specified format is XYPixmap).
The calculations for the total amount of memory the server needs for the
pixmap can overflow a 32-bit number, causing out-of-bounds memory writes
on 32-bit systems (since the length is stored in a long int variable).
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit eeae42d60b)
Signed-off-by: Julien Cristau <jcristau@debian.org>
authdes_ezdecode() calls malloc() using a length provided by the
connection handshake sent by a newly connected client in order
to authenticate to the server, so should be treated as untrusted.
It didn't check if malloc() failed before writing to the newly
allocated buffer, so could lead to a server crash if the server
fails to allocate memory (up to UINT16_MAX bytes, since the len
field is a CARD16 in the X protocol).
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 90cc925c59)
Signed-off-by: Julien Cristau <jcristau@debian.org>
This function can return NULL; make sure every caller tests for that.
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 61a292adf4)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Pageflips for Pixmap presents were not synchronized to vblank on
drivers with support for PresentCapabilityAsync, due to some
missing init for vblank->sync_flips. The PresentOptionAsync
flag was completely ignored for pageflipped presents.
Vsynced flips only worked by accident on the intel-ddx, as that
driver doesn't have PresentCapabilityAsync support.
On nouveau-ddx, which supports PresentCapabilityAsync, this
always caused non-vsynced pageflips with pretty ugly tearing.
This patch fixes the problem, as tested on top of XOrg 1.16.2
on nouveau and intel.
v4: Add additional PresentCapabilityAsync caps check, as
suggested by Eric Anholt.
Please also apply to XOrg 1.17 and XOrg 1.16.2 stable.
Applying on top of XOrg 1.16.2 requires cherry-picking
commit 2051514652
which trivially fixes lack of support for protocol option
PresentOptionCopy - get two bug fixes for the price of one!
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
Reviewed-by: Eric Anholt <eric@anholt.net>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit aae6460694)
Signed-off-by: Julien Cristau <jcristau@debian.org>
DebugPresent() crashed the server when a dri3 drawable
was closed while a pageflipped present was still pending,
due to vblank->window-> Null-Ptr deref, so debug builds
caused new problems to debug.
E.g.,
glXSwapBuffers(...);
glXDestroyWindow(...);
-> Pageflip for non-existent window completes -> boom.
Also often happens when switching desktop compositor on/off
due to Present unflips, or when logging out of session.
Also add info if a Present is queued for copyswap or pageflip,
if the present is vsynced, and the serial no of the Present
request, to aid debugging of pageflip and vsync issues. The
serial number is useful as Mesa's dri3/present backend encodes
its sendSBC in the serial number, so one can easily correlate
server debug output with Mesa and with the SBC values returned
to actual OpenGL client applications via OML_sync_control and
INTEL_swap_events extension, makes debugging quite a bit more
easy.
Please also cherry-pick this for a 1.16.x stable update.
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
Reviewed-by: Eric Anholt <eric@anholt.net>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 32d3100bd7)
Signed-off-by: Julien Cristau <jcristau@debian.org>
We added this option to the present protocol before 1.0 but somehow
never implemented it in the server. It's pretty simple; just don't
ever do flips if the application specifies Copy.
Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
(cherry picked from commit 2051514652)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Covers the current state after commits 99f0365b1f,
d0da0e9c3b, & e3aa13b8d6 were all applied.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: James Jones <jajones@nvidia.com>
Reviewed-by: Robert Morell <rmorell@nvidia.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit b09d593428)
[alanc: Modified for server-1.16-branch to show +iglx as default instead of
-iglx, to match code in os/utils.c in server-1.16-branch.]
Signed-off-by: Julien Cristau <jcristau@debian.org>
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=54168
Fix errors introducted in 863d528a9f. Said
patch does indeed remove the problematic writes to bad memory, however
it also introduces errors in the algoritm. This patch has the effect of
reverting said patch and adding an if in the proper location to catch
the out of bounds memory write without causing problems to the overall
algorithm.
Signed-off-by: Alex Orange <crazycasta@gmail.com>
Reviewed-by: Peter Harris <pharris@opentext.com>
Tested-by: Peter Harris <pharris@opentext.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 1b94fd7779)
The GPU may still have a reference to the SHM segment which would only
be finally released when the Pixmap is destroy. So we can only detach
the SHM segment (and thereby making the memory unaccessible) after the
backend has had a chance to flush any remaining references.
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=85058
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Reported-and-tested-by: gedgon@gmail.com
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 9b29fa957a)
Signed-off-by: Julien Cristau <jcristau@debian.org>
When the target msc is past or is the current one, we want to get immediate
feedback. This patch fixes this behaviour.
Signed-off-by: Axel Davy <axel.davy@ens.fr>
Reviewed-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 882f2d10d9)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Calling present_notify_msc could cancel a pending pixmap presentation.
Signed-off-by: Axel Davy <axel.davy@ens.fr>
Reviewed-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 9bc01dfc70)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Introduced in 45fb3a934d. When a device is
enabled, the master's locked state is pushed to the slave. If the device is
floating, no master exists and we triggered a NULL-pointer dereference
in XkbPushLockedStateToSlaves.
X.Org Bug 81885 <http://bugs.freedesktop.org/show_bug.cgi?id=81885>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Daniel Stone <daniel@fooishbar.org>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 1e30fc1b99)
Signed-off-by: Julien Cristau <jcristau@debian.org>
We have a hack in fb layer for a 24bpp screen to use 32bpp images, and
fbCreateWindow() replaces its drawable.bitsPerPixel field
appropriately. But, the problem is that it always replaces when 32bpp
is passed. If the depth is 32, this results in bpp < depth, which is
actually invalid.
Meanwhile, fbCreatePixmap() has a more check and it creates with 24bpp
only when the passed depth <= 24 for avoiding such a problem.
This oneliner patch just adds the similar check in fbCreateWindow().
This (hopefully) fixes the long-standing broken graphics mess of
cirrus KMS with 24bpp.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Reviewed-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit fe5018e056)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Move drm.xml out of the automake conditional so make dist includes it
even if glamor-egl is disabled.
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=83960
Signed-off-by: Julien Cristau <jcristau@debian.org>
Reviewed-by: Eric Anholt <eric@anholt.net>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit af40913797)
Present didn't provide the 'kind' argument to the
present_complete_notify hook that GLX uses to construct
GLX_BufferSwapComplete events, so GLX was reporting events for
PresentCompleteKindMSC notifications, which resulted in duplicate
GLX_BufferSwapComplete events and crashes in clutter.
See the gnome bug: https://bugzilla.gnome.org/show_bug.cgi?id=733282
Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Eric Anholt <eric@anholt.net>
(cherry picked from commit bf338efc67)
[backport to 1.16: check 'kind' in the caller to avoid ABI change]
Signed-off-by: Julien Cristau <jcristau@debian.org>
On platforms that don't support PCI or have no GPU attached to the PCI
bus, there can still be a primary device on a non-PCI bus.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Rob Clark <robdclark@gmail.com>
Tested-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 5d133276de)
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Julien Cristau <jcristau@debian.org>
When neither of the various bus implementations was able to find a
primary bus and device, fallback to using the platform bus as primary
bus and the first platform device as primary device.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Rob Clark <robdclark@gmail.com>
Tested-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
(cherry picked from commit 2f0183222b)
[hdegoede: backport to 1.16 which doesn't have syspath directly in OdevAttributes]
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Julien Cristau <jcristau@debian.org>
pharris says that the resets should not be done in the hotplugging case.
This may fix a crash reported against XQuartz:
http://xquartz.macosforge.org/trac/ticket/869
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Reviewed-by: Peter Harris <pharris@opentext.com>
(cherry picked from commit dfbc6a1a78)
To understand this patch, let's start at the protocol interface where
the relationship between the coordinate spaces is documented:
static Bool
_glamor_composite(CARD8 op,
PicturePtr source,
PicturePtr mask,
PicturePtr dest,
INT16 x_source,
INT16 y_source,
INT16 x_mask,
INT16 y_mask,
INT16 x_dest, INT16 y_dest,
CARD16 width, CARD16 height, Bool fallback)
The coordinates are passed to this function directly off the wire and
are all relative to their respective drawables. For Windows, this means
that they are relative to the upper left corner of the window, in
whatever pixmap that window is getting drawn to.
_glamor_composite calls miComputeCompositeRegion to construct a clipped
region to actually render to. In reality, miComputeCompositeRegion clips
only to the destination these days; source clip region based clipping
would have to respect the transform, which isn't really possible. The
returned region is relative to the screen in which dest lives; offset by
dest->drawable.x and dest->drawable.y.
What is important to realize here is that, because of clipping, the
composite region may not have the same position within the destination
drawable as x_dest, y_dest. The protocol coordinates now exist solely to
'pin' the three objects together.
extents->x1,y1 Screen origin of clipped operation
width,height Extents of the clipped operation
x_dest,y_dest Unclipped destination-relative operation coordinate
x_source,y_source Unclipped source-relative operation coordinate
x_mask,y_mask Unclipped mask-relative operation coordinate
One thing we want to know is what the offset is from the original
operation origin to the clipped origin
Destination drawable relative coordinates of the clipped operation:
x_dest_clipped = extents->x1 - dest->drawable.x
y_dest_clipped = extents->y1 - dest->drawable.y
Offset from the original operation origin:
x_off_clipped = x_dest_clipped - x_dest
y_off_clipped = y_dest_clipped - y_dest
Source drawable relative coordinates of the clipped operation:
x_source_clipped = x_source + x_off_clipped;
y_source_clipped = y_source + y_off_clipped;
Mask drawable relative coordinates of the clipped operation:
x_mask_clipped = x_source + x_off_clipped;
y_mask_clipped = y_source + y_off_clipped;
This is where the original code fails -- it doesn't subtract the
destination drawable location when computing the distance that the
operation has been moved by clipping. Here's what it does when
constructing a temporary source picture:
temp_src =
glamor_convert_gradient_picture(screen, source,
extent->x1 + x_source - x_dest,
extent->y1 + y_source - y_dest,
width, height);
...
x_temp_src = -extent->x1 + x_dest;
y_temp_src = -extent->y1 + y_dest;
glamor_convert_gradient_picture needs source drawable relative
coordinates, but that is not what it's getting; it's getting
screen-relative coordinates for the destination, adjusted by the
distance between the provided source and destination operation
coordinates. We want x_source_clipped and y_source_clipped:
x_source_clipped = x_source + x_off_clipped
= x_source + x_dest_clipped - x_dest
= x_source + extents->x1 - dest->drawable.x - x_dest
x_temp_src/y_temp_src are supposed to be the coordinates of the original
operation translated to the temporary picture:
x_temp_src = x_source - x_source_clipped;
y_temp_src = y_source - y_source_clipped;
Note that x_source_clipped/y_source_clipped will never be less than
x_source/y_source because all we're doing is clipping. This means that
x_temp_src/y_temp_src will always be non-positive; the original source
coordinate can never be strictly *inside* the temporary image or we
could have made the temporary image smaller.
x_temp_src = x_source - x_source_clipped
= x_source - (x_source + x_off_clipped)
= -x_off_clipped
= x_dest - x_dest_clipped
= x_dest - (extents->x1 - dest->drawable.x)
Again, this is off by the destination origin within the screen
coordinate space.
The code should look like:
temp_src =
glamor_convert_gradient_picture(screen, source,
extent->x1 + x_source - x_dest - dest->pDrawable->x,
extent->y1 + y_source - y_dest - dest->pDrawable->y,
width, height);
x_temp_src = -extent->x1 + x_dest + dest->pDrawable->x;
y_temp_src = -extent->y1 + y_dest + dest->pDrawable->y;
Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Markus Wick <markus@selfnet.de>
(cherry picked from commit 55f5bfb578)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Don't allow setting string attributes to integers and vice versa.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
Looks like the value of ODEV_ATTRIB_DRIVER was not updated when the patch
adding it got rebased on top of a newer server version.
This fixes the xserver crashing when systemd-logind integration is used.
https://bugzilla.redhat.com/show_bug.cgi?id=1118540
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
This reverts commit d90b5f8301.
Reverting for two reasons:
* the scaling does not work on devices that don't advertise resolution, and
the default resolution used (100 units/mm) is higher than most devices,
resulting in a significant slowdown of the touchpads.
* the scaling is still affected by resolution changing. The patch worked
before acceleration but since it maps into resolution-dependent dx/dy
coordinates the acceleration may distort the movement after the fact. So the
same input data generates different movements depending on the resolution.
This can't easily be fixed for all affected devices as synaptics has its own
velocity calculation method whereas wacom doesn't. So anything in the server
won't work for both at the same time.
Revert this for now, until a more integrated solution can be implemented.
When the X server is compiled with --prefix set to something other than /usr,
then it ends up with a nonstandard sysconfigdir in its .pc file. This causes
various other components to install their xorg.conf.d snippets there.
However, the X server first looks for /usr/share/X11/xorg.conf.d before looking
in sysconfigdir. That means that if the system administrator installed anything
that created that path, the user's custom sysconfigdir is not searched.
Rather than doing that, just look in the configured sysconfdir and nowhere else.
Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Commit 41d4beb261 added symmetry to the
screensaver/DPMS invocations so that one (en|dis)ables the other. Having
dependencies between DPMS and the screensaver is subject to further arguments,
but in this particular case using SCREENSAVER_FORCER is detrimental.
SCREENSAVER_FORCER(ScreenSaverReset) resets the idle time for all
devices on DPMS unblank.
It prevents at least one use-case that GNOME tries to implement:
GNOME displays a notification before suspending. If the display is
currently blanked, GNOME lights it up to display the message. With the
original patch in place DPMS unblank also resets the device idle times, thus
restarting the timeout ad infinitum.
Switch this to a more suggestive SCREENSAVER_OFF(ScreenSaverReset). This keeps
the symmetry in blanking mode (DPMS and screensaver turn each other on/off as
expected) but does not reset the idle time on the devices.
https://bugzilla.gnome.org/show_bug.cgi?id=731241
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-By: Egbert Eich <eich@freedesktop.org>
If an empty string is provided to LogMessageVerbSigSafe, the length of the
printed string is 0.
Read-only access only and the only effect it had was adding a linebreak or not.
X.Org Bug 80890 <http://bugs.freedesktop.org/show_bug.cgi?id=80890>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
While at it also replace a tab by four spaces for consistency.
Reviewed-by: Aaron Plattner <aplattner@nvidia.com>
Tested-By: Aaron Plattner <aplattner@nvidia.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Rob Clark <robdclark@gmail.com>
Tested-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
Use the OutputClass configuration to determine what drivers to autoload
for a given device.
Reviewed-by: Aaron Plattner <aplattner@nvidia.com>
Tested-By: Aaron Plattner <aplattner@nvidia.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Tested-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
The OutputClass section provides a way to match output devices to a set
of given attributes and configure them. For now, only matching by kernel
driver name is supported. This can be used to determine what DDX module
to load for non-PCI output devices. DDX modules can ship an xorg.conf.d
snippet (e.g. in /usr/share/X11/xorg.conf.d) that looks like this:
Section "OutputClass"
Identifer "NVIDIA Tegra open-source driver"
MatchDriver "tegra"
Driver "opentegra"
EndSection
This will cause any device that's driven by the kernel driver named
"tegra" to use the "opentegra" DDX module.
See the OUTPUTCLASS section in xorg.conf(5) for more details.
Reviewed-by: Aaron Plattner <aplattner@nvidia.com>
Tested-By: Aaron Plattner <aplattner@nvidia.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Tested-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
When opening a DRM device, query the version and store the driver name
as a new attribute for future reference.
Reviewed-by: Aaron Plattner <aplattner@nvidia.com>
Tested-By: Aaron Plattner <aplattner@nvidia.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Rob Clark <robdclark@gmail.com>
Tested-by: Rob Clark <robdclark@gmail.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
Most of the driver enumeration functions take an array and a maximum
number of entries that they are allowed to fill in. Upon success, they
return the number of entries filled in. This allows them to be easily
used to consecutively.
One exception is the xf86MatchDriverFromFiles() function, which doesn't
return a value, so callers have to manually search the array for the
first empty entry.
This commit modifies the xf86MatchDriverFromFiles() to behave the same
way as others, which makes it easier to deal with.
Reviewed-by: Aaron Plattner <aplattner@nvidia.com>
Tested-By: Aaron Plattner <aplattner@nvidia.com>
Tested-by: Rob Clark <robdclark@gmail.com> (on arm / platform device)
Signed-off-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
We fixed fbCloseScreen to use the FreePixmap function so that the
private counts would be updated correctly during CloseScreen. Xvfb
calls FreePixmap and sets devPrivate to NULL before fbCloseScreen is
called; not checking devPrivate before calling would result in a NULL
pointer dereference.
Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>
With my patch to fix shared libXfont to work correctly on Cygwin/Win32,
there is no need for -static anymore. But, XWin.exe must export its
symbols in order for them to override libXfont's stubs.
Signed-off-by: Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
Reviewed-by: Jon TURNEY <jon.turney@dronecode.org.uk>
The format string wants a picture and a character, but the argument list
contains only a character, causing GCC to complain. Add the missing
argument.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Reviewed-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
