Crash first appears in ab311bf20535acd6e7201e024bc311e0e15b5b6b. This commit rewrote wcmUpdateButtonKeyActions with one-indexed arrays in mind and extended the 'keys' array in _WacomDeviceRec to make room. However, the 'wheel_keys' and 'strip_keys' were not updated.
Running e.g. `xsetwacom --set pad StripLeftDown button 4` results in a call to wcmUpdateButtonKeyActions. Its call to memset oversteps the array bounds and just happens to zero the 'common' pointer. The next tablet event results in a segfault as the driver tries to dereference the pointer. Signed-off-by: Jason Gerecke <[email protected]> --- src/xf86WacomDefs.h | 10 ++++++---- 1 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/xf86WacomDefs.h b/src/xf86WacomDefs.h index e80afb0..5f5d969 100644 --- a/src/xf86WacomDefs.h +++ b/src/xf86WacomDefs.h @@ -240,16 +240,18 @@ struct _WacomDeviceRec int wheelup; int wheeldn; /* keystrokes assigned to wheel events (default is the buttons above). - * Order is relup, reldwn, wheelup, wheeldn. */ - unsigned wheel_keys[4][256]; + * Order is relup, reldwn, wheelup, wheeldn. Like 'keys', this array + * is one-indexed */ + unsigned wheel_keys[4+1][256]; int striplup; int stripldn; int striprup; int striprdn; /* keystrokes assigned to strip events (default is the buttons above). - * Order is striplup, stripldn, striprup, striprdn. */ - unsigned strip_keys[4][256]; + * Order is striplup, stripldn, striprup, striprdn. Like 'keys', this + * array is one-indexed */ + unsigned strip_keys[4+1][256]; int nbuttons; /* number of buttons for this subdevice */ int naxes; /* number of axes */ /* FIXME: always 6, and the code relies on that... */ -- 1.7.1 ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Linuxwacom-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/linuxwacom-devel
