A null pointer dereference can occur in dmxSync, because TimerForce
does not handle a null pointer.
dmxSyncTimer is set to NULL a few lines above on a certain condition,
which happened on my machine. The explicit NULL check allowed me to
start Xdmx again without a segmentation fault.
---
hw/dmx/dmxsync.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/dmx/dmxsync.c b/hw/dmx/dmxsync.c
index 1bc242343..b55c9ddf3 100644
--- a/hw/dmx/dmxsync.c
+++ b/hw/dmx/dmxsync.c
@@ -182,7 +182,7 @@ dmxSync(DMXScreenInfo * dmxScreen, Bool now)
/* Do sync or set time for later */
if (now || !dmxScreen) {
- if (!TimerForce(dmxSyncTimer))
+ if (dmxSyncTimer == NULL || !TimerForce(dmxSyncTimer))
dmxSyncCallback(NULL, 0, NULL);
/* At this point, dmxSyncPending == 0 because
* dmxSyncCallback must have been called. */
--
2.12.0
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: https://lists.x.org/mailman/listinfo/xorg-devel
