ACK.
On 12/18/2012 04:57 PM, Uri Lublin wrote:
Reported-by: Michal Luscon <mluscon@xxxxxxxxxx>
Found by a Coverity scan:
in handle_dev_start -
Checking "worker->display_channel" implies that "worker->display_channel"
might be NULL.
Passing "worker" to function "guest_set_client_capabilities"
in guest_set_client_capabilities -
Directly dereferencing parameter "worker->display_channel"
---
server/red_worker.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/server/red_worker.c b/server/red_worker.c
index 530562b..1f01e3b 100644
--- a/server/red_worker.c
+++ b/server/red_worker.c
@@ -10344,7 +10344,8 @@ static void guest_set_client_capabilities(RedWorker *worker)
worker->set_client_capabilities_pending = 1;
return;
}
- if (worker->display_channel->common.base.clients_num == 0) {
+ if ((worker->display_channel == NULL) ||
+ (worker->display_channel->common.base.clients_num == 0)) {
worker->qxl->st->qif->set_client_capabilities(worker->qxl, FALSE, caps);
} else {
// Take least common denominator
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel