File U_xfree86-Fix-NULL-pointer-dereference-crash.patch of Package xorg-x11-server.28361
From e49738f0c9d4370c7a7e6e86c2c74151aa2e33fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zolt=C3=A1n=20B=C3=B6sz=C3=B6rm=C3=A9nyi?= <zboszor@pr.hu>
Date: Mon, 21 Jun 2021 12:12:41 +0200
Subject: [PATCH] xfree86: Fix NULL pointer dereference crash
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
screenp->displays[count] (passed to configDisplay() in
configScreen()) is NULL if there is no Virtual setting
in the configuration.
Fixes: f8a6be04d0c7e6a99824ff888ad6c010960c5c21 ("xfree86: Change
displays array to pointers array to fix invalid pointer issues
after table reallocation")
Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
(cherry picked from commit ef89b6648e2a806237a6d2fa598e1b9c83f128b4)
---
hw/xfree86/common/xf86Config.c | 23 ++++++++++-------------
1 file changed, 10 insertions(+), 13 deletions(-)
diff --git a/hw/xfree86/common/xf86Config.c b/hw/xfree86/common/xf86Config.c
index 312597c7e..09d27ecb7 100644
--- a/hw/xfree86/common/xf86Config.c
+++ b/hw/xfree86/common/xf86Config.c
@@ -1763,24 +1763,21 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
screenp->displays = xnfallocarray(count, sizeof(DispPtr));
screenp->numdisplays = count;
- /* Fill in the default Virtual size, if any */
- if (conf_screen->scrn_virtualX && conf_screen->scrn_virtualY) {
- for (count = 0, dispptr = conf_screen->scrn_display_lst;
- dispptr;
- dispptr = (XF86ConfDisplayPtr) dispptr->list.next, count++) {
- screenp->displays[count] = xnfcalloc(1, sizeof(DispRec));
+ for (count = 0, dispptr = conf_screen->scrn_display_lst;
+ dispptr;
+ dispptr = (XF86ConfDisplayPtr) dispptr->list.next, count++) {
+
+ /* Allocate individual Display records */
+ screenp->displays[count] = xnfcalloc(1, sizeof(DispRec));
+
+ /* Fill in the default Virtual size, if any */
+ if (conf_screen->scrn_virtualX && conf_screen->scrn_virtualY) {
screenp->displays[count]->virtualX = conf_screen->scrn_virtualX;
screenp->displays[count]->virtualY = conf_screen->scrn_virtualY;
}
- }
- /* Now do the per-Display Virtual sizes */
- count = 0;
- dispptr = conf_screen->scrn_display_lst;
- while (dispptr) {
+ /* Now do the per-Display Virtual sizes */
configDisplay(screenp->displays[count], dispptr);
- count++;
- dispptr = (XF86ConfDisplayPtr) dispptr->list.next;
}
/*
--
GitLab