| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
there's more work to do...
The whole nx-X11/extras dir is no longer checked since we only have
Mesa there and we do not want to check that mess...
All the exceptions in static-analysis-suppressions have been manually
checked.
|
|
|
|
|
|
|
|
| |
[nx-X11/programs/Xserver/record/set.c:361]: (warning) Possible null pointer dereference: stackIntervals
stackIntervals is only NULL if nIntervals is 0, too. In that case
memcpy will do nothing and so it is ok to pass NULL as source. But it
is ugly nevertheless...
|
| |
|
|
|
|
| |
[Keyboard.c:559]: (error) Shifting signed 32-bit value by 31 bits is undefined behaviour
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 758393951233d1b2520cf4cefd33ec4288a3880a
Author: Dave Airlie <airlied@redhat.com>
Date: Wed Sep 12 11:09:40 2018 +1000
xkb: fix what looks to be a copy-paste error with first vs firstMM
Pointed out by coverity.
Signed-off-by: Dave Airlie <airlied@redhat.com>
|
|
|
|
|
|
| |
xkmread.c: In function ‘XkmReadFileSectionName’:
xkmread.c:1181:25: warning: ‘tmpTOC.type’ may be used uninitialized in this function [-Wmaybe-uninitialized]
XkbConfigText(tmpTOC.type,XkbMessage),0);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 83913de25d35709b3ab7b0ab124b73924145d2dd
Author: Adam Jackson <ajax@redhat.com>
Date: Thu Apr 5 12:59:11 2018 -0400
xkb: Silence some compiler warnings
Of the form:
../xkb/XKBGAlloc.c: In function ‘SrvXkbAddGeomKeyAlias’:
../xkb/XKBGAlloc.c:591:13: warning: ‘strncpy’ specified bound 4 equals destination size [-Wstringop-truncation]
strncpy(alias->real, realStr, XkbKeyNameLength);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is intentional; the code that reads from these fields never reads
more than 4 bytes anyway. Rephrase things in terms of memcpy so that's
clear. Obviously this is awful but in XKB awful is par.
Signed-off-by: Adam Jackson <ajax@redhat.com>
Acked-by: Keith Packard <keithp@keithp.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit a4a2e814d5d0e6152307a301eda1d6fc1c555aaa
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun Feb 13 21:36:02 2011 -0800
xkb: Use snprintf to measure string lengths instead of manual strlen math
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Daniel Stone <daniel@fooishbar.org>
|
|
|
|
|
|
|
|
| |
commit 2391c409a2840d61fed93832650c0d6c82ebebdf
Author: Eamon Walsh <ewalsh@tycho.nsa.gov>
Date: Fri Jun 13 22:48:17 2008 -0400
Fix "warning: unused variable `s'".
|
|
|
|
|
|
|
|
|
|
|
| |
commit 534fc5140b039a8c98ab715d0a6740d513b41209
Author: Daniel Stone <daniel@fooishbar.org>
Date: Sun Feb 3 23:30:22 2008 +1100
XKB: Remove a bunch of mad ifdefs
We have SEEK_SET and size_t, seriously. Also use DebugF instead of
ifdef DEBUG, and ditch a couple of random bits that were never used.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes this cppcheck finding:
[nx-X11/programs/Xserver/xkb/xkbActions.c:1306]: (error) Uninitialized variable: oldState
commit 35a4b8e7f4526a92d44cb16a783f21030cd1f6df
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue May 5 16:51:59 2009 +1000
xkb: remove oldState from XkbHandleActions.
I really don't know what the purpose of this variable is or was, aside from
potentially clobbering up our key state since there's a path where it may be
used uninitialised.
Also, this means that xkbi->prev_state is now accessible from the DIX with
meaningful data.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Move allocation of image_index close before first_use. This way we do
not need to free it if previous step fail. And we cannot forget that
free() call.
While at it replace malloc+memset by calloc.
|
| |
|
|
|
|
| |
Otherwise it will (falsely) report "Memory pointed to by 'sessionpath' is freed twice."
|
| |
|
| |
|
| |
|
|
|
|
| |
While at it create and use the freeDepths() helper function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 211d4c2d353b5e379716484055a3f58235ea65f4
Author: Chris Wilson <chris@chris-wilson.co.uk>
Date: Wed Dec 14 15:55:22 2011 +0000
render: Propagate allocation failure from createSourcePicture()
All the callers were already checking for failure, except that
createSourcePicture() itself was failing to check whether it
successfully allocated the Picture.
[ajax: Rebase, fix line wrap of preceding line]
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 2aa935bc5cc1e2d5365a97b8c5bb3d33eb5fc758
Author: Tiago Vignatti <tiago.vignatti@nokia.com>
Date: Fri Mar 25 22:10:55 2011 +0200
fb: fix memory leak in fbOverlayFinishScreenInit
Signed-off-by: Tiago Vignatti <tiago.vignatti@nokia.com>
Reviewed-by: Nicolas Peninguy <nico@lostgeeks.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
==12976==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 6 byte(s) in 1 object(s) allocated from:
#0 0x7f510b3ac810 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x3a810)
#1 0x559ca29c5035 in nxagentKeyboardProc /home/uli/work/nx/ArcticaProject/nx-libs/nx-X11/programs/Xserver/hw/nxagent/Keyboard.c:866
#2 0x7a29bff07 (<unknown module>)
Direct leak of 1 byte(s) in 1 object(s) allocated from:
#0 0x7f510b3ac810 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x3a810)
#1 0x559ca29c509a in nxagentKeyboardProc /home/uli/work/nx/ArcticaProject/nx-libs/nx-X11/programs/Xserver/hw/nxagent/Keyboard.c:870
#2 0x7a29bff07 (<unknown module>)
Direct leak of 1 byte(s) in 1 object(s) allocated from:
#0 0x7f510b3ac810 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x3a810)
#1 0x559ca29c507f in nxagentKeyboardProc /home/uli/work/nx/ArcticaProject/nx-libs/nx-X11/programs/Xserver/hw/nxagent/Keyboard.c:869
#2 0x7a29bff07 (<unknown module>)
SUMMARY: AddressSanitizer: 8 byte(s) leaked in 3 allocation(s).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If compiled with -fsanitize=address this showed up when running startlxde:
==11551==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60d000018fbc at pc 0x7f270a9ed57b bp 0x7fff30ef3050 sp 0x7fff30ef2800
READ of size 204 at 0x60d000018fbc thread T0
#0 0x7f270a9ed57a (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xb857a)
#1 0x559dafcd5c93 in FindGlyphRef ../../render/glyph.c:179
#2 0x559dafcd705d in AddGlyph /work/nx-libs/nx-X11/programs/Xserver/hw/nxagent/NXglyph.c:71
#3 0x559dafccc0ff in ProcRenderAddGlyphs ../../mi/../render/render.c:1186
#4 0x559dafcbd5a5 in ProcRenderDispatch /work/nx-libs/nx-X11/programs/Xserver/hw/nxagent/NXrender.c:1689
#5 0x559dafcbc4ea in Dispatch /work/nx-libs/nx-X11/programs/Xserver/hw/nxagent/NXdispatch.c:476
#6 0x559dafc4e9b0 in main /work/nx-libs/nx-X11/programs/Xserver/dix/main.c:353
#7 0x7f2708e1d09a in __libc_start_main ../csu/libc-start.c:308
#8 0x559dafc4f5d9 in _start (/work/nx-libs/nx-X11/programs/Xserver/nxagent+0x6e5d9)
0x60d000018fbc is located 0 bytes to the right of 140-byte region [0x60d000018f30,0x60d000018fbc)
allocated by thread T0 here:
#0 0x7f270aa1e330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
#1 0x559dafcd646c in AllocateGlyph ../../render/glyph.c:348
This happens when two glyphs are compared via memcmp and the smaller
one happens to be identical to the beginning of the bigger one.
Newer render implementations use a sha1 hash instead of memcmp so this
patch will (hopefully) be obsolete once render gets updated.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
==10226== 3,337 bytes in 1 blocks are definitely lost in loss record 295 of 307
==10226== at 0x483577F: malloc (vg_replace_malloc.c:299)
==10226== by 0x6281DB9: strdup (strdup.c:42)
==10226== by 0x2ABA9E: __glXClientInfo (glxcmds.c:2170)
==10226== by 0x17CA3E: __glXDispatch (NXglxext.c:128)
==10226== by 0x16EE77: Dispatch (NXdispatch.c:476)
==10226== by 0x14DCE0: main (main.c:353)
There's no point in trying to free cl->* after memset(0).
This one is a bug that is found identically in xorg upstream and has
only been fixed during rework of the whole client resource freeing
stuff. So we fix it in glxext.c.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix these memory leaks:
==30021== 128 bytes in 1 blocks are definitely lost in loss record 230 of 302
==30021== at 0x483577F: malloc (vg_replace_malloc.c:299)
==30021== by 0x2EF89C: init_visuals (xf86glx.c:390)
==30021== by 0x2EF89C: __MESA_initVisuals (xf86glx.c:541)
==30021== by 0x17C922: GlxInitVisuals (glxext.c:317)
==30021== by 0x218E73: fbInitVisuals (fbcmap.c:668)
==30021== by 0x20BEB1: fbFinishScreenInit (fbscreen.c:229)
==30021== by 0x20C275: fbScreenInit (fbscreen.c:273)
==30021== by 0x1E0317: nxagentOpenScreen (Screen.c:1357)
==30021== by 0x16D848: AddScreen (dispatch.c:4171)
==30021== by 0x1DB7FF: InitOutput (Init.c:396)
==30021== by 0x14DB12: main (main.c:279)
==30021==
==30021== 3,072 (192 direct, 2,880 indirect) bytes in 1 blocks are definitely lost in loss record 290 of 302
==30021== at 0x483577F: malloc (vg_replace_malloc.c:299)
==30021== by 0x2CCCC7: _gl_context_modes_create (glcontextmodes.c:364)
==30021== by 0x2EF87C: init_visuals (xf86glx.c:381)
==30021== by 0x2EF87C: __MESA_initVisuals (xf86glx.c:541)
==30021== by 0x17C922: GlxInitVisuals (glxext.c:317)
==30021== by 0x218E73: fbInitVisuals (fbcmap.c:668)
==30021== by 0x20BEB1: fbFinishScreenInit (fbscreen.c:229)
==30021== by 0x20C275: fbScreenInit (fbscreen.c:273)
==30021== by 0x1E0317: nxagentOpenScreen (Screen.c:1357)
==30021== by 0x16D848: AddScreen (dispatch.c:4171)
==30021== by 0x1DB7FF: InitOutput (Init.c:396)
==30021== by 0x14DB12: main (main.c:279)
The problem here is that GlxInitVisuals is called twice. First via
fbScreenInit and then again via nxagentInitGlxExtension. We remove the
first one to ensure the code in nxagenOpenScreen works as initially
intended.
There's an xorg upstream patch that does the same
(7d74690536b64f7b8e8036507ab7790807349c50), but it also cleans up
other stuff we do not even have in out source (yet?).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
==12280== 0 bytes in 5 blocks are definitely lost in loss record 1 of 304
==12280== at 0x483577F: malloc (vg_replace_malloc.c:299)
==12280== by 0x2EFC29: init_visuals (xf86glx.c:489)
==12280== by 0x2EFC29: __MESA_initVisuals (xf86glx.c:540)
==12280== by 0x17C902: GlxInitVisuals (glxext.c:317)
==12280== by 0x218C03: fbInitVisuals (fbcmap.c:668)
==12280== by 0x20BC41: fbFinishScreenInit (fbscreen.c:229)
==12280== by 0x20C005: fbScreenInit (fbscreen.c:273)
==12280== by 0x1E024C: nxagentOpenScreen (Screen.c:1356)
==12280== by 0x16D828: AddScreen (dispatch.c:4171)
==12280== by 0x1DB7DF: InitOutput (Init.c:396)
==12280== by 0x14DB12: main (main.c:279)
==12280==
==12280== 64 bytes in 2 blocks are definitely lost in loss record 223 of 304
==12280== at 0x483577F: malloc (vg_replace_malloc.c:299)
==12280== by 0x2EFA05: init_visuals (xf86glx.c:489)
==12280== by 0x2EFA05: __MESA_initVisuals (xf86glx.c:540)
==12280== by 0x17C902: GlxInitVisuals (glxext.c:317)
==12280== by 0x218C03: fbInitVisuals (fbcmap.c:668)
==12280== by 0x20BC41: fbFinishScreenInit (fbscreen.c:229)
==12280== by 0x20C005: fbScreenInit (fbscreen.c:273)
==12280== by 0x1E024C: nxagentOpenScreen (Screen.c:1356)
==12280== by 0x16D828: AddScreen (dispatch.c:4171)
==12280== by 0x1DB7DF: InitOutput (Init.c:396)
==12280== by 0x14DB12: main (main.c:279)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes these two memory leaks identified by valgrind:
==28336== 32 (8 direct, 24 indirect) bytes in 1 blocks are definitely lost in loss record 180 of 308
==28336== at 0x48356AF: malloc (vg_replace_malloc.c:298)
==28336== by 0x4837DE7: realloc (vg_replace_malloc.c:826)
==28336== by 0x1AE322: AllocateDevicePrivate (privates.c:439)
==28336== by 0x27527B: XkbSetExtension (xkbActions.c:72)
==28336== by 0x198E9B: _RegisterPointerDevice (devices.c:361)
==28336== by 0x1DBA35: InitInput (Init.c:440)
==28336== by 0x14DBD6: main (main.c:303)
==28336==
==28336== 32 (8 direct, 24 indirect) bytes in 1 blocks are definitely lost in loss record 181 of 308
==28336== at 0x48356AF: malloc (vg_replace_malloc.c:298)
==28336== by 0x4837DE7: realloc (vg_replace_malloc.c:826)
==28336== by 0x1AE322: AllocateDevicePrivate (privates.c:439)
==28336== by 0x27527B: XkbSetExtension (xkbActions.c:72)
==28336== by 0x198F1B: _RegisterKeyboardDevice (devices.c:384)
==28336== by 0x1DBA3D: InitInput (Init.c:441)
==28336== by 0x14DBD6: main (main.c:303)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is not necessary at the current code level. But when xkb
code introduced the dev->key check Xorg upstream missed that. So we
backport it now to skip that trap when updating xkb code.
Author: Alan Coopersmith <alan.coopersmith@sun.com>
Date: Mon Jan 4 18:21:54 2010 -0800
CloseDevice: call XkbRemoveResourceClient before freeing key class struct
XkbRemoveResourceClient() returns immediately if dev->key is NULL.
CloseDevice calls XkbRemoveResourceClient until it removes all resources.
If we free dev->key and NULL it before XkbRemoveResourceClient, then
infinite loop ensues, and the server appears to hang on exit or crash.
Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Daniel Stone <daniel@fooishbar.org>
Signed-off-by: Keith Packard <keithp@keithp.com>
Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
|
|
|
|
|
|
|
| |
While trying to properly free memory allocated by XKB I accidently
called nxagentFreeKeyboardDeviceData twice and noticed it would cause
a segfault here. As the other pointers are also nullified after
being freed let's just do it here, too.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes ArcticaProject/nx-libs#598
In nxagentOpenScreen we first initialized the RRExtension for the
screen and then replaced pScreen->CloseScreen by
nxagentCloseScreen. This resulted in RandR's RRCloseScreen (and any
other CloseScreen procedure installed by extensions) being no longer
called.
Moving RandR init after configuring pScreen->CloseScreen ensures the
correct calling cascade:
RRCloseScreen -> nxagentCloseScreen ->fbCloseScreen (called explicitly
by nxagentCloseScreen).
Which in turn will fix this memory leak:
==9688== 328 (312 direct, 16 indirect) bytes in 1 blocks are definitely lost in loss record 271 of 319
==9688== at 0x4837B65: calloc (vg_replace_malloc.c:752)
==9688== by 0x4ED2C6: RRScreenInit (randr.c:329)
==9688== by 0x1F2B18: nxagentInitRandRExtension (Extensions.c:122)
==9688== by 0x1DEAFF: nxagentOpenScreen (Screen.c:1409)
==9688== by 0x16D7F8: AddScreen (dispatch.c:4257)
==9688== by 0x1DA0CF: InitOutput (Init.c:397)
==9688== by 0x14DCC2: main (main.c:280)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes a memory leak:
==19074== 2 bytes in 1 blocks are definitely lost in loss record 8 of 313
==19074== at 0x483577F: malloc (vg_replace_malloc.c:299)
==19074== by 0x1FD83D: fbAllocatePrivates (fballpriv.c:79)
==19074== by 0x20A666: fbSetupScreen (fbscreen.c:110)
==19074== by 0x20A666: fbScreenInit (fbscreen.c:300)
==19074== by 0x1DEA4C: nxagentOpenScreen (Screen.c:1356)
==19074== by 0x16D7F8: AddScreen (dispatch.c:4257)
==19074== by 0x1DA0CF: InitOutput (Init.c:397)
==19074== by 0x14DCC2: main (main.c:280)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport of this commit:
commit b2167015043a458e9cf93b827b43eb5b7c552ce9
Author: Giuseppe Bilotta <giuseppe.bilotta@gmail.com>
Date: Sat Nov 4 23:06:27 2017 +0100
xkb: initialize tsyms
This fixes some “Conditional jump depends on uninitialized value(s)”
errors spotted by valgrind.
Reviewed-by: Eric Engestrom <eric.engestrom@imgtec.com>
Signed-off-by: Giuseppe Bilotta <giuseppe.bilotta@gmail.com>
|
|
|
|
| |
by adding [] around values as almost everywhere
|
| |
|
|
|
|
|
| |
was in inital version of 6ce9fb5f2875754f97035d3338b3d0e1d20169ae but got lost
during some rebasing/cherry-picking preceeding the pull request.
|
|
|
|
|
| |
Window.c:3827:46: warning: array subscript 128 is above array bounds of ‘StoringPixmapRec *[128]’ {aka ‘struct <anonymous> *[128]’} [-Warray-bounds]
i, (void *) nxagentBSPixmapList[i]);
|
|
|
|
| |
format was broken, would not compile
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 57e872301f5e836be2efb8f952f9c9711650b447
Author: Adam Jackson <ajax@redhat.com>
Date: Thu Apr 5 13:07:09 2018 -0400
mi: Hush an almost certainly bogus warning
In file included from ../mi/miexpose.c:83:
../mi/miexpose.c: In function ‘miHandleExposures’:
../include/regionstr.h:174:22: warning: ‘expBox.y2’ may be used uninitialized in this function [-Wmaybe-uninitialized]
(_pReg)->extents = *(_pBox);
~~~~~~~~~~~~~~~~~^~~~~~~~~~
../mi/miexpose.c:139:12: note: ‘expBox.y2’ was declared here
BoxRec expBox;
^~~~~~
etc. It's initialized if (extents), and then only read if (extents),
but gcc doesn't seem to figure that out. Whatever, bzero it to be
explicit.
Signed-off-by: Adam Jackson <ajax@redhat.com>
Acked-by: Keith Packard <keithp@keithp.com>
|
|
|
|
|
|
| |
They were just aliases to already existing defines and were not used
stringently. So we had mix of aliased and non-aliased uses which is
confusing when trying to understand the code...
|