diff options
authorJamey Sharp <>2010-05-19 10:44:33 -0700
committerKeith Packard <>2010-05-23 17:28:44 -0700
commitb9f48d60bc0c839bd323c582231e8e7e2b810af6 (patch)
parentc51534961e1bb4c68ff881758862d2f85f572ce7 (diff)
Device init: Don't crash when CreateGC fails.
ActivateDevice was ignoring errors from DeviceCursorInitialize, so cursor-related calls failed later. Jeremy Huddleston saw that crash in miPointerConstrainCursor, while with Xvfb I saw it in miSpriteRealizeCursor. miDCDeviceCleanup frees any non-NULL GCs. miDCDeviceInitialize calls Cleanup on any failure, but if it failed early then some of the pointers in the miDCBufferPtr were garbage. Switch from malloc to calloc to ensure everything's initialized safely first. With these two fixes, if CreateGC fails then the server gracefully fails in FatalError instead of segfaulting. Signed-off-by: Jamey Sharp <> Cc: Peter Hutterer <> Reviewed-by: Peter Hutterer <> Signed-off-by: Keith Packard <>
2 files changed, 3 insertions, 2 deletions
diff --git a/dix/devices.c b/dix/devices.c
index ab8c3f9db..cf23bc6d0 100644
--- a/dix/devices.c
+++ b/dix/devices.c
@@ -463,7 +463,8 @@ ActivateDevice(DeviceIntPtr dev, BOOL sendevent)
/* Initialize memory for sprites. */
if (IsMaster(dev) && dev->spriteInfo->spriteOwner)
- pScreen->DeviceCursorInitialize(dev, pScreen);
+ if (!pScreen->DeviceCursorInitialize(dev, pScreen))
+ ret = BadAlloc;
SendDevicePresenceEvent(dev->id, DeviceAdded);
if (sendevent)
diff --git a/mi/midispcur.c b/mi/midispcur.c
index 61e313305..16495e45f 100644
--- a/mi/midispcur.c
+++ b/mi/midispcur.c
@@ -742,7 +742,7 @@ miDCDeviceInitialize(DeviceIntPtr pDev, ScreenPtr pScreen)
pScreen = screenInfo.screens[i];
- pBuffer = malloc(sizeof(miDCBufferRec));
+ pBuffer = calloc(1, sizeof(miDCBufferRec));
if (!pBuffer)
goto failure;