diff --git a/0008-ramdac-Check-sPriv-NULL-in-xf86CheckHWCursor.patch b/0008-ramdac-Check-sPriv-NULL-in-xf86CheckHWCursor.patch new file mode 100644 index 0000000..da0be3e --- /dev/null +++ b/0008-ramdac-Check-sPriv-NULL-in-xf86CheckHWCursor.patch @@ -0,0 +1,34 @@ +From 675ba81ffe268fdfeb2ec2820369cfd2d4c768c9 Mon Sep 17 00:00:00 2001 +From: agoins +Date: Mon, 24 Oct 2016 15:25:53 -0700 +Subject: [PATCH xserver v2] ramdac: Check sPriv != NULL in xf86CheckHWCursor() + +xf86CheckHWCursor() would dereference sPriv without NULL checking it. If Option +"SWCursor" is specified, sPriv == NULL. In this case we should assume that HW +cursors are not supported. + +Signed-off-by: Alex Goins +Reviewed-by: Andy Ritger +Reviewed-by: Hans de Goede +Signed-off-by: Hans de Goede +--- + hw/xfree86/ramdac/xf86HWCurs.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/hw/xfree86/ramdac/xf86HWCurs.c b/hw/xfree86/ramdac/xf86HWCurs.c +index da2b181..5e99526 100644 +--- a/hw/xfree86/ramdac/xf86HWCurs.c ++++ b/hw/xfree86/ramdac/xf86HWCurs.c +@@ -148,7 +148,8 @@ xf86CheckHWCursor(ScreenPtr pScreen, CursorPtr cursor, xf86CursorInfoPtr infoPtr + continue; + + sPriv = dixLookupPrivate(&pSlave->devPrivates, xf86CursorScreenKey); +- if (!xf86ScreenCheckHWCursor(pSlave, cursor, sPriv->CursorInfoPtr)) ++ if (!sPriv || ++ !xf86ScreenCheckHWCursor(pSlave, cursor, sPriv->CursorInfoPtr)) + return FALSE; + } + return TRUE; +-- +2.9.3 + diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec index bf82b60..5e7275e 100644 --- a/xorg-x11-server.spec +++ b/xorg-x11-server.spec @@ -85,6 +85,7 @@ Patch4: 0004-xfree86-Remove-redundant-ServerIsNotSeat0-check-from.patch Patch5: 0005-xfree86-Make-adding-unclaimed-devices-as-GPU-devices.patch Patch6: 0006-xfree86-Try-harder-to-find-atleast-1-non-GPU-Screen.patch Patch7: 0007-inputthread-On-Linux-leave-the-main-thread-s-name-as.patch +Patch8: 0008-ramdac-Check-sPriv-NULL-in-xf86CheckHWCursor.patch #Patch6044: xserver-1.6.99-hush-prerelease-warning.patch