37 lines
1.3 KiB
Diff
37 lines
1.3 KiB
Diff
From 95a10ab64c2dbbec2c8dad91a5ffb73a0d68474b Mon Sep 17 00:00:00 2001
|
|
From: Jonathan Liu <net147@gmail.com>
|
|
Date: Mon, 16 Mar 2020 20:04:06 +1100
|
|
Subject: [PATCH] src/cursor: fix xfc NULL pointer dereference
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
xfc->width and xfc->height for the XFixes cursor image returned from
|
|
XFixesGetCursorImage(dpy) are accessed without first checking that xfc
|
|
is not NULL. This can result in the server sometimes crashing when
|
|
moving a Google Chrome window.
|
|
|
|
Fixes: 37c946191a0f ("Broken cursor bugfix for 64 bit systems (#49)")
|
|
Signed-off-by: Jonathan Liu <net147@gmail.com>
|
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
|
---
|
|
src/cursor.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/cursor.c b/src/cursor.c
|
|
index 39e73a6..74a08c6 100644
|
|
--- a/src/cursor.c
|
|
+++ b/src/cursor.c
|
|
@@ -1311,7 +1311,7 @@ static int get_exact_cursor(int init) {
|
|
|
|
/* retrieve the cursor info + pixels from server: */
|
|
xfc = XFixesGetCursorImage(dpy);
|
|
- {
|
|
+ if (xfc) {
|
|
/* 2017-07-09, Stephan Fuhrmann: This fixes an implementation flaw for 64 bit systems.
|
|
* The XFixesCursorImage structure says xfc->pixels is (unsigned long*) in the structure, but
|
|
* the protocol spec says it's 32 bit per pixel
|
|
--
|
|
2.21.1
|
|
|