File U_xfree86-Change-displays-array-to-pointers-array-to-f.patch of Package xorg-x11-server.24874

From f8a6be04d0c7e6a99824ff888ad6c010960c5c21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Spintzyk?= <lukasz.spintzyk@synaptics.com>
Date: Tue, 8 Jun 2021 20:02:21 +0200
Subject: [PATCH] xfree86: Change displays array to pointers array to fix
 invalid pointer issues after table reallocation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

There are rare cases when xf86SetDepthBpp is resizing displays array in confScreen.
As that array is shared between set of ScrnInfoRec's then realloc might invalidate chached DispPtr display values in
otheres ScrnInfoRec objects.

If we will change displays array as an array of pointers to DispRec then cached DispRec pointers in ScrnInfoRec
won't be invalid after reallocation of displays array.

Signed-off-by: Ɓukasz Spintzyk <lukasz.spintzyk@synaptics.com>
---
 hw/xfree86/common/xf86Config.c | 10 +++++----
 hw/xfree86/common/xf86Helper.c | 37 +++++++++++++++++-----------------
 hw/xfree86/common/xf86str.h    |  2 +-
 3 files changed, 26 insertions(+), 23 deletions(-)

diff --git a/hw/xfree86/common/xf86Config.c b/hw/xfree86/common/xf86Config.c
index 608f093bb..73ab88ba5 100644
--- a/hw/xfree86/common/xf86Config.c
+++ b/hw/xfree86/common/xf86Config.c
@@ -1794,7 +1794,7 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
         count++;
         dispptr = (XF86ConfDisplayPtr) dispptr->list.next;
     }
-    screenp->displays = xnfallocarray(count, sizeof(DispRec));
+    screenp->displays = xnfallocarray(count, sizeof(DispPtr));
     screenp->numdisplays = count;
 
     /* Fill in the default Virtual size, if any */
@@ -1802,8 +1802,9 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
         for (count = 0, dispptr = conf_screen->scrn_display_lst;
              dispptr;
              dispptr = (XF86ConfDisplayPtr) dispptr->list.next, count++) {
-            screenp->displays[count].virtualX = conf_screen->scrn_virtualX;
-            screenp->displays[count].virtualY = conf_screen->scrn_virtualY;
+            screenp->displays[count] = xnfcalloc(1, sizeof(DispRec));
+            screenp->displays[count]->virtualX = conf_screen->scrn_virtualX;
+            screenp->displays[count]->virtualY = conf_screen->scrn_virtualY;
         }
     }
 
@@ -1811,7 +1812,7 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
     count = 0;
     dispptr = conf_screen->scrn_display_lst;
     while (dispptr) {
-        configDisplay(&(screenp->displays[count]), dispptr);
+        configDisplay(screenp->displays[count], dispptr);
         count++;
         dispptr = (XF86ConfDisplayPtr) dispptr->list.next;
     }
@@ -1819,6 +1820,7 @@ configScreen(confScreenPtr screenp, XF86ConfScreenPtr conf_screen, int scrnum,
     /*
      * figure out how many videoadaptor references there are and fill them in
      */
+    count = 0;
     conf_adaptor = conf_screen->scrn_adaptor_lst;
     while (conf_adaptor) {
         count++;
diff --git a/hw/xfree86/common/xf86Helper.c b/hw/xfree86/common/xf86Helper.c
index 16ab309e2..0389945a7 100644
--- a/hw/xfree86/common/xf86Helper.c
+++ b/hw/xfree86/common/xf86Helper.c
@@ -526,8 +526,8 @@ xf86SetDepthBpp(ScrnInfoPtr scrp, int depth, int dummy, int fbbpp,
      * Find the Display subsection matching the depth/fbbpp and initialise
      * scrp->display with it.
      */
-    for (i = 0, disp = scrp->confScreen->displays;
-         i < scrp->confScreen->numdisplays; i++, disp++) {
+    for (i = 0; i < scrp->confScreen->numdisplays; i++) {
+        disp = scrp->confScreen->displays[i];
         if ((disp->depth == scrp->depth && disp->fbbpp == scrp->bitsPerPixel)
             || (disp->depth == scrp->depth && disp->fbbpp <= 0)
             || (disp->fbbpp == scrp->bitsPerPixel && disp->depth <= 0)) {
@@ -541,8 +541,8 @@ xf86SetDepthBpp(ScrnInfoPtr scrp, int depth, int dummy, int fbbpp,
      * depth or fbbpp specified.
      */
     if (i == scrp->confScreen->numdisplays) {
-        for (i = 0, disp = scrp->confScreen->displays;
-             i < scrp->confScreen->numdisplays; i++, disp++) {
+        for (i = 0; i < scrp->confScreen->numdisplays; i++) {
+            disp = scrp->confScreen->displays[i];
             if (disp->depth <= 0 && disp->fbbpp <= 0) {
                 scrp->display = disp;
                 break;
@@ -557,24 +557,25 @@ xf86SetDepthBpp(ScrnInfoPtr scrp, int depth, int dummy, int fbbpp,
         scrp->confScreen->numdisplays++;
         scrp->confScreen->displays =
             xnfreallocarray(scrp->confScreen->displays,
-                            scrp->confScreen->numdisplays, sizeof(DispRec));
+                            scrp->confScreen->numdisplays, sizeof(DispPtr));
         xf86DrvMsg(scrp->scrnIndex, X_INFO,
                    "Creating default Display subsection in Screen section\n"
                    "\t\"%s\" for depth/fbbpp %d/%d\n",
                    scrp->confScreen->id, scrp->depth, scrp->bitsPerPixel);
-        memset(&scrp->confScreen->displays[i], 0, sizeof(DispRec));
-        scrp->confScreen->displays[i].blackColour.red = -1;
-        scrp->confScreen->displays[i].blackColour.green = -1;
-        scrp->confScreen->displays[i].blackColour.blue = -1;
-        scrp->confScreen->displays[i].whiteColour.red = -1;
-        scrp->confScreen->displays[i].whiteColour.green = -1;
-        scrp->confScreen->displays[i].whiteColour.blue = -1;
-        scrp->confScreen->displays[i].defaultVisual = -1;
-        scrp->confScreen->displays[i].modes = xnfalloc(sizeof(char *));
-        scrp->confScreen->displays[i].modes[0] = NULL;
-        scrp->confScreen->displays[i].depth = depth;
-        scrp->confScreen->displays[i].fbbpp = fbbpp;
-        scrp->display = &scrp->confScreen->displays[i];
+        scrp->confScreen->displays[i] = xnfcalloc(1, sizeof(DispRec));
+        memset(scrp->confScreen->displays[i], 0, sizeof(DispRec));
+        scrp->confScreen->displays[i]->blackColour.red = -1;
+        scrp->confScreen->displays[i]->blackColour.green = -1;
+        scrp->confScreen->displays[i]->blackColour.blue = -1;
+        scrp->confScreen->displays[i]->whiteColour.red = -1;
+        scrp->confScreen->displays[i]->whiteColour.green = -1;
+        scrp->confScreen->displays[i]->whiteColour.blue = -1;
+        scrp->confScreen->displays[i]->defaultVisual = -1;
+        scrp->confScreen->displays[i]->modes = xnfalloc(sizeof(char *));
+        scrp->confScreen->displays[i]->modes[0] = NULL;
+        scrp->confScreen->displays[i]->depth = depth;
+        scrp->confScreen->displays[i]->fbbpp = fbbpp;
+        scrp->display = scrp->confScreen->displays[i];
     }
 
     /*
diff --git a/hw/xfree86/common/xf86str.h b/hw/xfree86/common/xf86str.h
index 8f8685ef2..9072932cb 100644
--- a/hw/xfree86/common/xf86str.h
+++ b/hw/xfree86/common/xf86str.h
@@ -351,7 +351,7 @@ typedef struct _confscreenrec {
     MonPtr monitor;
     GDevPtr device;
     int numdisplays;
-    DispPtr displays;
+    DispPtr *displays;
     int numxvadaptors;
     confXvAdaptorPtr xvadaptors;
     void *options;
-- 
2.34.1

openSUSE Build Service is sponsored by