Bug 7482

Summary: I fixed a bug in Xdmx's Xrender extension
Product: xorg Reporter: James Steven Supancic III <arrummzen>
Component: Server/DDX/dmxAssignee: dmx-bugs
Status: RESOLVED FIXED QA Contact:
Severity: critical    
Priority: highest CC: abdullahrafiq.air
Version: unspecified   
Hardware: x86 (IA32)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:

Description James Steven Supancic III 2006-07-10 10:01:38 UTC 
I fixed a bug in Xdmx's Xrender extension

A number of applications that use the RENDER extension suffered from fatal
errors soon after launch when used with Xdmx (many valuable applications, such
as firefox, gimp, distccmon-gui, gmplayer and xmms). A common workaround for
this issue has been to use the -norender option to disable the RENDER extension.
Unfortunately, this makes things unbearably slow.

I have located and fixed this issue. The bug was in the function
dmxProcRenderSetPictureFilter (in the file
xc/programs/Xserver/hw/dmx/dmxpict.c). The line
REQUEST_SIZE_MATCH(xRenderSetPictureFilterReq);
should be
REQUEST_AT_LEAST_SIZE(xRenderSetPictureFilterReq);

The applications I have mentioned above crashed because they received a bad
length error due to the fact that the Xdmx server incorrectly believed that the
request length had to be equal to sizeof(xRenderSetPictureFilterReq), when in
reality it must be equal to or greater. Because the applications I listed above
sent requests of greater length they were sent errors by the DMX server and,
assumming the worst, exited.

Please make this change to the offical source code repositories.

Thank you for your time,
James Steven Supancic III
Comment 1 Adam Jackson 2006-07-13 07:04:40 UTC 
fixed in head, thanks!

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.