Bug 22804 - XGetImage incorrectly suceeds for child windows clipped by parent windows
Summary: XGetImage incorrectly suceeds for child windows clipped by parent windows
Status: RESOLVED FIXED
Alias: None
Product: xorg
Classification: Unclassified
Component: Server/General (show other bugs)
Version: git
Hardware: Other All
: medium major
Assignee: Aaron Plattner
QA Contact: Xorg Project Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-07-16 15:41 UTC by Aaron Plattner
Modified: 2009-07-22 12:58 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments
Test case (1.19 KB, text/x-csrc)
2009-07-16 15:41 UTC, Aaron Plattner 		no flags Details
View All

Description Aaron Plattner 2009-07-16 15:41:26 UTC 
Created attachment 27778 [details]
Test case

See the attached test case, which creates an 82x82 child window at (1,1) within an 80x80 parent window, then calls XGetImage for the entire child window.  According to the XGetImage man page, this should fail:

    If the drawable is a window, the window must be viewable, and it must be the
    case that if there were no inferiors or overlapping windows, the specified
    rectangle of the window would be fully visible on the screen and wholly
    contained within the outside edges of the window, or a BadMatch error
    results.  Note that the borders of the window can be included and read with
    this request.

However, the requests succeeds and sends the full 82x82 request down to the driver.  When the parent window is redirected, this ends up with an 82x82 GetImage on an 80x80 pixmap, which can read outside the bounds of the pixmap.

In the server, the GetImage request bounds are only checked against the screen dimensions and not the window's clip region.
Comment 1 Aaron Plattner 2009-07-22 12:58:03 UTC 
commit 587c3a2d1961834558193e8e14e8e381a077a253
Author: Aaron Plattner <aplattner@nvidia.com>
Date:   Wed Jul 22 10:55:46 2009 -0700

    Bug #22804: Reject out of bounds XGetImage requests
    
    The XGetImage man page states:
    
        If the drawable is a window, the window must be viewable, and
        it must be the case that if there were no inferiors or
        overlapping windows, the specified rectangle of the window
        would be fully visible on the screen and wholly contained
        within the outside edges of the window, or a BadMatch error
        results.  Note that the borders of the window can be included
        and read with this request.
    
    However, the server was only checking the requested region against
    the screen bounds, allowing XGetImage requests to read pixels
    outside the bounds of a window's ancestors.  Normally, this would
    just read other pixels from the screen, but if one of the ancestor
    windows is redirected, the window's backing pixmap may be smaller
    than the window itself.
    
    This change checks the region against the window's bounding
    drawable, which is either the screen pixmap, a redirected window's
    backing pixmap, or the root window for servers that don't support
    GetWindowPixmap.
    
    Signed-off-by: Aaron Plattner <aplattner@nvidia.com> Reviewed-by:
    Keith Packard <keithp@keithp.com>

:100644 100644 4df775d... 31c6961... M  dix/dispatch.c

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.