Re: [PATCH] dmx: Fix null pointer dereference
On Sun, 2017-03-12 at 14:21 +0100, Tobias Stoeckmann wrote: > A null pointer dereference can occur in dmxSync, because TimerForce > does not handle a null pointer. > > dmxSyncTimer is set to NULL a few lines above on a certain condition, > which happened on my machine. The explicit NULL check allowed me to > start Xdmx again without a segmentation fault. Merged, thanks: remote: I: patch #143633 updated using rev 21eda7464d0e13ac6558edaf6531c3d3251e05df. remote: I: 1 patch(es) updated to state Accepted. To ssh://git.freedesktop.org/git/xorg/xserver 5cdfcde..21eda74 master -> master - ajax ___ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH] dmx: Fix null pointer dereference
On Sun, Mar 12, 2017 at 03:47:50PM +0100, walter harms wrote:
> why not patch TimerForce() and solve the problem for once and any one ?
I didn't do it because I am not sure about the implied consequences of
simply accepting NULL. Maybe it's not meant to be used that way.
But here's the alternative possibility.
---
os/WaitFor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/os/WaitFor.c b/os/WaitFor.c
index 613608faf..ab5f8a3b8 100644
--- a/os/WaitFor.c
+++ b/os/WaitFor.c
@@ -261,7 +261,7 @@ AdjustWaitForDelay(void *waitTime, int newdelay)
}
static inline Bool timer_pending(OsTimerPtr timer) {
-return !xorg_list_is_empty(>list);
+return timer != NULL && !xorg_list_is_empty(>list);
}
/* If time has rewound, re-run every affected timer.
--
2.12.0
___
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: https://lists.x.org/mailman/listinfo/xorg-devel
Re: [PATCH] dmx: Fix null pointer dereference
Am 12.03.2017 14:21, schrieb Tobias Stoeckmann:
> A null pointer dereference can occur in dmxSync, because TimerForce
> does not handle a null pointer.
>
> dmxSyncTimer is set to NULL a few lines above on a certain condition,
> which happened on my machine. The explicit NULL check allowed me to
> start Xdmx again without a segmentation fault.
> ---
> hw/dmx/dmxsync.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/dmx/dmxsync.c b/hw/dmx/dmxsync.c
> index 1bc242343..b55c9ddf3 100644
> --- a/hw/dmx/dmxsync.c
> +++ b/hw/dmx/dmxsync.c
> @@ -182,7 +182,7 @@ dmxSync(DMXScreenInfo * dmxScreen, Bool now)
>
> /* Do sync or set time for later */
> if (now || !dmxScreen) {
> -if (!TimerForce(dmxSyncTimer))
> +if (dmxSyncTimer == NULL || !TimerForce(dmxSyncTimer))
> dmxSyncCallback(NULL, 0, NULL);
> /* At this point, dmxSyncPending == 0 because
> * dmxSyncCallback must have been called. */
why not patch TimerForce() and solve the problem for once and any one ?
re,
wh
___
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: https://lists.x.org/mailman/listinfo/xorg-devel
[PATCH] dmx: Fix null pointer dereference
A null pointer dereference can occur in dmxSync, because TimerForce
does not handle a null pointer.
dmxSyncTimer is set to NULL a few lines above on a certain condition,
which happened on my machine. The explicit NULL check allowed me to
start Xdmx again without a segmentation fault.
---
hw/dmx/dmxsync.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/dmx/dmxsync.c b/hw/dmx/dmxsync.c
index 1bc242343..b55c9ddf3 100644
--- a/hw/dmx/dmxsync.c
+++ b/hw/dmx/dmxsync.c
@@ -182,7 +182,7 @@ dmxSync(DMXScreenInfo * dmxScreen, Bool now)
/* Do sync or set time for later */
if (now || !dmxScreen) {
-if (!TimerForce(dmxSyncTimer))
+if (dmxSyncTimer == NULL || !TimerForce(dmxSyncTimer))
dmxSyncCallback(NULL, 0, NULL);
/* At this point, dmxSyncPending == 0 because
* dmxSyncCallback must have been called. */
--
2.12.0
___
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: https://lists.x.org/mailman/listinfo/xorg-devel
