rpms / xorg-x11-server

Clone
Source Code
GIT

Files

  1.   61cf661d516f638ceb585666bbebb93c30c33911
  2.   0001-dix-fix-crash-on-XI-1.x-grabs-on-disabled-devices.-5.patch
Blob Blame History Raw 
From 9d6b8365702e4648e793fea21ad22f7174558680 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Fri, 28 Sep 2012 11:49:29 +1000
Subject: [PATCH] dix: fix crash on XI 1.x grabs on disabled devices. 
 (#54934)

If the device is disabled, the sprite window is NULL and dereferencing
crashes the server.

This is only triggered for XI 1.x grabs (ProcXGrabDevice) as XI2 grabs would
trigger another code path, creating a sprite for the disabled device as if
detaching it (which is wrong and fixed with this patch too).

Grabbing a disabled device doesn't make sense as it won't send events
anyway. However, the protocol specs do not prohibit it, so we need to keep
it working.
Luckily, oldWin is only used for focus out events, which aren't necessary
given that the device is disabled.

X.Org Bug 54934 <http://bugs.freedesktop.org/show_bug.cgi?id=54934>

Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@ubuntu.com>
---
 dix/events.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/dix/events.c b/dix/events.c
index 3b40446..c0e330b 100644
--- a/dix/events.c
+++ b/dix/events.c
@@ -1555,11 +1555,13 @@ ActivateKeyboardGrab(DeviceIntPtr keybd, GrabPtr grab, TimeStamp time,
     WindowPtr oldWin;
 
     /* slave devices need to float for the duration of the grab. */
-    if (grab->grabtype == XI2 &&
+    if (grab->grabtype == XI2 && keybd->enabled &&
         !(passive & ImplicitGrabMask) && !IsMaster(keybd))
         DetachFromMaster(keybd);
 
-    if (grabinfo->grab)
+    if (!keybd->enabled)
+        oldWin = NULL;
+    else if (grabinfo->grab)
         oldWin = grabinfo->grab->window;
     else if (keybd->focus)
         oldWin = keybd->focus->win;
@@ -1569,7 +1571,8 @@ ActivateKeyboardGrab(DeviceIntPtr keybd, GrabPtr grab, TimeStamp time,
         oldWin = keybd->focus->win;
     if (keybd->valuator)
         keybd->valuator->motionHintWindow = NullWindow;
-    DoFocusEvents(keybd, oldWin, grab->window, NotifyGrab);
+    if (oldWin)
+        DoFocusEvents(keybd, oldWin, grab->window, NotifyGrab);
     if (syncEvents.playingEvents)
         grabinfo->grabTime = syncEvents.time;
     else
-- 
1.7.11.7
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.