Julien Cristau <[email protected]> writes: > This breaks Xvfb: > https://bugs.freedesktop.org/show_bug.cgi?id=80313 > > pScreen->devPrivate is NULL, so we crash trying to dereference it in > FreePixmap(), whereas the free() was a no-op.
How about we have fb check pScreen->devPrivate != NULL before calling FreePixmap?
From 7e53d9e0c940155563ec648e2cbe92e579f921cb Mon Sep 17 00:00:00 2001 From: Keith Packard <[email protected]> Date: Thu, 26 Jun 2014 14:12:24 -0700 Subject: [PATCH] fb: Don't free NULL pixmap in fbCloseScreen. Bug #80313 We fixed fbCloseScreen to use the FreePixmap function so that the private counts would be updated correctly during CloseScreen. Xvfb calls FreePixmap and sets devPrivate to NULL before fbCloseScreen is called; not checking devPrivate before calling would result in a NULL pointer dereference. Signed-off-by: Keith Packard <[email protected]> --- fb/fbscreen.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fb/fbscreen.c b/fb/fbscreen.c index 1f91089..0d4d87f 100644 --- a/fb/fbscreen.c +++ b/fb/fbscreen.c @@ -37,7 +37,8 @@ fbCloseScreen(ScreenPtr pScreen) free(depths[d].vids); free(depths); free(pScreen->visuals); - FreePixmap((PixmapPtr)pScreen->devPrivate); + if (pScreen->devPrivate) + FreePixmap((PixmapPtr)pScreen->devPrivate); return TRUE; } -- 2.0.0.rc4
-- [email protected]
pgpzYILMpJgVI.pgp
Description: PGP signature
_______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
