Hi ----- Original Message ----- > The cursor hotspot values have to be inside the cursor bounding box, > otherwise on X11 this may cause a crash of the application using > spice-gtk. > > This is the client-side part of > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864998 > > Signed-off-by: Christophe Fergeau <cfergeau@xxxxxxxxxx> Reviewed-by: Marc-André Lureau <marcandre.lureau@xxxxxxxxxx> > --- > src/channel-cursor.c | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > > diff --git a/src/channel-cursor.c b/src/channel-cursor.c > index 14053a92..d7fa3df9 100644 > --- a/src/channel-cursor.c > +++ b/src/channel-cursor.c > @@ -405,6 +405,18 @@ static display_cursor *set_cursor(SpiceChannel *channel, > SpiceCursor *scursor) > > g_return_val_if_fail(scursor->data_size != 0, NULL); > > + if (hdr->hot_spot_x > hdr->width) { > + CHANNEL_DEBUG(channel, > + "hot spot X position (%d) is outside cursor area, > capping to cursor width (%d)", > + hdr->hot_spot_x, hdr->width); > + hdr->hot_spot_x = hdr->width; > + } > + if (hdr->hot_spot_y > hdr->height) { > + CHANNEL_DEBUG(channel, > + "hot spot Y position (%d) is outside cursor area, > capping to cursor height (%d)", > + hdr->hot_spot_y, hdr->height); > + hdr->hot_spot_y = hdr->height; > + } > size = 4u * hdr->width * hdr->height; > cursor = g_malloc0(sizeof(*cursor) + size); > cursor->hdr = *hdr; > -- > 2.13.3 > > _______________________________________________ > Spice-devel mailing list > Spice-devel@xxxxxxxxxxxxxxxxxxxxx > https://lists.freedesktop.org/mailman/listinfo/spice-devel > _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel