~ubuntu-branches/ubuntu/quantal/xserver-xorg-input-synaptics/quantal-proposed

« back to all changes in this revision

Viewing changes to debian/patches/0200-Avoid-out-of-bounds-access-by-running-num_active_tou.patch

Committer: Package Import Robot
Author(s): Timo Aaltonen
Date: 2013-01-17 10:46:59 UTC
mfrom: (64.1.1 quantal)
Revision ID: package-import@ubuntu.com-20130117104659-g1h0p3jugoihw4pa

Tags: 1.6.2-1ubuntu5.1

https://launchpad.net/bugs/1100586

use-sigsafe-logging.patch: Upstream commit from master, use signal
safe logging with input ABI 18. (LP: #1100586)

files added:
debian/patches/130_reset-num_active_touches-on-deviceoff.patch

debian/patches/use-sigsafe-logging.patch

files removed:
debian/patches/0200-Avoid-out-of-bounds-access-by-running-num_active_tou.patch

debian/patches/0201-Ignore-pre-existing-touches.patch

debian/patches/0202-Fix-coasting-for-negative-ScrollDelta.patch

debian/patches/0203-Reset-open-slots-array-on-device-disable.patch

debian/patches/0204-Reset-hw-x-y-to-INT_MIN-and-skip-HandleState-until-w.patch

debian/patches/0205-Don-t-allow-for-scroll-distances-of-0-49965.patch

files modified:
debian/changelog

debian/patches/series

Show diffs side-by-side

added added

removed removed

debian/patches/0200-Avoid-out-of-bounds-access-by-running-num_active_tou.patch

From 23065a974e5dcdf0d6a436a0547bb7887d306a6f Mon Sep 17 00:00:00 2001

From: Peter Hutterer <peter.hutterer@who-t.net>

Date: Fri, 11 May 2012 12:27:39 +1000

Subject: [PATCH 200/205] Avoid out-of-bounds access by running

num_active_touches < 0 (#49439)

If a touch is active during driver init, the slot will be set to

SLOTSTATE_CLOSE when it finishes. That could decrease num_active_touches to

less than 0, causing out-of-bounds access.

X.Org Bug 49439 <http://bugs.freedesktop.org/show_bug.cgi?id=49439>

Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

Reviewed-by: Chase Douglas <chase.douglas@canonical.com>

(cherry picked from commit 77d766b1d535dff9a27c7db343ede85d9f44850b)

---

src/synaptics.c | 4 +++-

1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/synaptics.c b/src/synaptics.c

index 30d79c5..1d32093 100644

--- a/src/synaptics.c

+++ b/src/synaptics.c

@@ -3128,7 +3128,9 @@ UpdateTouchState(InputInfoPtr pInfo, struct SynapticsHwState *hw)

priv->open_slots[j] = priv->open_slots[j + 1];

}

- priv->num_active_touches--;

+ BUG_WARN(priv->num_active_touches == 0);

+ if (priv->num_active_touches > 0)

+ priv->num_active_touches--;

}

1.7.9.5

Older »