From f20f91ee89607537dfc6bfaec05d18e9830bea13 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun, 6 Jul 2014 11:13:49 -0700
Subject: Fix validation of ctrls parameter to XkbGetPerClientControls()

Nothing in the XKB spec states that the memory pointed to by ctrls has to
be initialized to any given value when passed to the function, only that
it is set by the function to the values returned by the X server:
http://www.x.org/releases/X11R7.7/doc/libX11/XKB/xkblib.html#The_Miscellaneous_Per_client_Controls

The check for the incoming value seems to be copied from
XkbSetPerClientControls without explanation.

Instead change it to checking if ctrls is non-NULL, since there's no
point asking the X server to return a value the caller won't even see.

Found while investigating report from cppcheck-1.65:
[nx-X11/lib/X11/XKB.c:699] -> [nx-X11/lib/X11/XKB.c:719]: (warning) Possible null pointer
 dereference: ctrls - otherwise it is redundant to check it against null.

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
---
 nx-X11/lib/X11/XKB.c | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

(limited to 'nx-X11/lib/X11')

diff --git a/nx-X11/lib/X11/XKB.c b/nx-X11/lib/X11/XKB.c
index 7f1b233aa..7ecd39706 100644
--- a/nx-X11/lib/X11/XKB.c
+++ b/nx-X11/lib/X11/XKB.c
@@ -696,9 +696,7 @@ XkbGetPerClientControls(Display *dpy, unsigned *ctrls)
 
     if ((dpy->flags & XlibDisplayNoXkb) ||
         (!dpy->xkb_info && !XkbUseExtension(dpy, NULL, NULL)) ||
-        (*ctrls & ~(XkbPCF_GrabsUseXKBStateMask |
-                    XkbPCF_LookupStateWhenGrabbed |
-                    XkbPCF_SendEventUsesXKBState)))
+        (ctrls == NULL))
         return False;
     LockDisplay(dpy);
     xkbi = dpy->xkb_info;
@@ -716,10 +714,9 @@ XkbGetPerClientControls(Display *dpy, unsigned *ctrls)
     }
     UnlockDisplay(dpy);
     SyncHandle();
-    if (ctrls)
-        *ctrls = (rep.value & (XkbPCF_GrabsUseXKBStateMask |
-                               XkbPCF_LookupStateWhenGrabbed |
-                               XkbPCF_SendEventUsesXKBState));
+    *ctrls = (rep.value & (XkbPCF_GrabsUseXKBStateMask |
+                           XkbPCF_LookupStateWhenGrabbed |
+                           XkbPCF_SendEventUsesXKBState));
     return (True);
 }
 
-- 
cgit v1.2.3