SecurityResource should not segfault when client owning resource has exited

Fixes OpenSolaris bug 6949754:
  Xorg crashes when the magnifier is enabled at gdm login greeter window.
  http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6949754

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Eamon Walsh <ewalsh@tycho.nsa.gov>

1 files changed, 5 insertions, 3 deletions

diff --git a/Xext/security.c b/Xext/security.c
index b37339fa7..7eb95de74 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -805,7 +805,6 @@ SecurityResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
     Mask allowed = SecurityResourceMask;
 
     subj = dixLookupPrivate(&rec->client->devPrivates, stateKey);
-    obj = dixLookupPrivate(&clients[cid]->devPrivates, stateKey);
 
     /* disable background None for untrusted windows */
     if ((requested & DixCreateAccess) && (rec->rtype == RT_WINDOW))
@@ -831,8 +830,11 @@ SecurityResource(CallbackListPtr *pcbl, pointer unused, pointer calldata)
 	    allowed |= DixReadAccess;
     }
 
-    if (SecurityDoCheck(subj, obj, requested, allowed) == Success)
-	return;
+    if (clients[cid] != NULL) {
+	obj = dixLookupPrivate(&clients[cid]->devPrivates, stateKey);
+	if (SecurityDoCheck(subj, obj, requested, allowed) == Success)
+	    return;
+    }
 
     SecurityAudit("Security: denied client %d access %x to resource 0x%x "
 		  "of client %d on request %s\n", rec->client->index,