[PATCH] drm/radeon/kms: fix cursor image off-by-one error
The mouse cursor hotspot calculation when the cursor is partially off the top or left side of the screen was off by one. Fixes https://bugs.freedesktop.org/show_bug.cgi?id=41158 Signed-off-by: Nicholas Miell --- drivers/gpu/drm/radeon/radeon_cursor.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/radeon/radeon_cursor.c b/drivers/gpu/drm/radeon/radeon_cursor.c index 3189a7e..c495575 100644 --- a/drivers/gpu/drm/radeon/radeon_cursor.c +++ b/drivers/gpu/drm/radeon/radeon_cursor.c @@ -209,9 +209,9 @@ int radeon_crtc_cursor_move(struct drm_crtc *crtc, int w = radeon_crtc->cursor_width; if (x < 0) - xorigin = -x + 1; + xorigin = -x; if (y < 0) - yorigin = -y + 1; + yorigin = -y; if (xorigin >= CURSOR_WIDTH) xorigin = CURSOR_WIDTH - 1; if (yorigin >= CURSOR_HEIGHT) -- 1.7.6.2 ___ dri-devel mailing list dri-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/dri-devel
Re: [PATCH 0/3] radeon cursor patches
On 09/30/2011 08:16 AM, Michel Dänzer wrote: > While reviewing Nicholas Miell's patch 'drm/radeon/kms: fix cursor image > off-by-one error', I noticed at least one other bug (fixed by patch 2, and one > potential bug fixed by patch 3) and opportunities for cleanup. > > Patch 1 is based on Nicholas' patch and can be dropped if he amends his patch > along the same lines. > > [PATCH 1/3] drm/radeon: Simplify cursor x/yorigin calculation. > [PATCH 2/3] drm/radeon: Update AVIVO cursor coordinate origin before > [PATCH 3/3] drm/radeon: Set cursor x/y to 0 when x/yorigin > 0. Feel free to squash my patch into yours. ___ dri-devel mailing list dri-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/dri-devel
[PATCH] drm/radeon/kms: fix cursor image off-by-one error
The mouse cursor hotspot calculation when the cursor is partially off the top or left side of the screen was off by one. Fixes https://bugs.freedesktop.org/show_bug.cgi?id=41158 Signed-off-by: Nicholas Miell --- drivers/gpu/drm/radeon/radeon_cursor.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/radeon/radeon_cursor.c b/drivers/gpu/drm/radeon/radeon_cursor.c index 3189a7e..c495575 100644 --- a/drivers/gpu/drm/radeon/radeon_cursor.c +++ b/drivers/gpu/drm/radeon/radeon_cursor.c @@ -209,9 +209,9 @@ int radeon_crtc_cursor_move(struct drm_crtc *crtc, int w = radeon_crtc->cursor_width; if (x < 0) - xorigin = -x + 1; + xorigin = -x; if (y < 0) - yorigin = -y + 1; + yorigin = -y; if (xorigin >= CURSOR_WIDTH) xorigin = CURSOR_WIDTH - 1; if (yorigin >= CURSOR_HEIGHT) -- 1.7.6.2
[PATCH 0/3] radeon cursor patches
On 09/30/2011 08:16 AM, Michel D?nzer wrote: > While reviewing Nicholas Miell's patch 'drm/radeon/kms: fix cursor image > off-by-one error', I noticed at least one other bug (fixed by patch 2, and one > potential bug fixed by patch 3) and opportunities for cleanup. > > Patch 1 is based on Nicholas' patch and can be dropped if he amends his patch > along the same lines. > > [PATCH 1/3] drm/radeon: Simplify cursor x/yorigin calculation. > [PATCH 2/3] drm/radeon: Update AVIVO cursor coordinate origin before > [PATCH 3/3] drm/radeon: Set cursor x/y to 0 when x/yorigin > 0. Feel free to squash my patch into yours.
[PATCH libdrm] xf86drm: fix valgrind warning in drmParsePciBusInfo
From 714d07f600db39498c87d7816f4dd3a7e6d9bbca Mon Sep 17 00:00:00 2001
From: Nicholas Miell
Date: Thu, 12 Jan 2017 15:43:07 -0800
Subject: [PATCH libdrm] xf86drm: fix valgrind warning in drmParsePciBusInfo
The current implementation reads (up to) 513 bytes, overwrites the 513th
byte with '\0' and then passes the buffer off to strstr() and sscanf()
without ever initializing the middle bytes. This causes valgrind
warnings and potentially fails to parse PCI_SLOT_NAME if the uevent is
unexpectedly large.
Rewrite it using getline() to fix the valgrind errors and future-proof
the function against uevent files larger than 513 bytes.
Signed-off-by: Nicholas Miell
---
xf86drm.c | 34 +-
1 file changed, 17 insertions(+), 17 deletions(-)
diff --git a/xf86drm.c b/xf86drm.c
index b8b2cfe..33261ac 100644
--- a/xf86drm.c
+++ b/xf86drm.c
@@ -2919,31 +2919,31 @@ static int drmParsePciBusInfo(int maj, int min,
drmPciBusInfoPtr info)
{
#ifdef __linux__
char path[PATH_MAX + 1];
-char data[512 + 1];
-char *str;
+FILE *uevent;
+char *line = NULL;
+size_t n = 0;
+bool found = false;
int domain, bus, dev, func;
-int fd, ret;
snprintf(path, PATH_MAX, "/sys/dev/char/%d:%d/device/uevent", maj, min);
-fd = open(path, O_RDONLY);
-if (fd < 0)
+uevent = fopen(path, "r");
+if (uevent == NULL)
return -errno;
-ret = read(fd, data, sizeof(data));
-data[sizeof(data)-1] = '\0';
-close(fd);
-if (ret < 0)
-return -errno;
+while (getline(&line, &n, uevent) != -1) {
+if (sscanf(line, "PCI_SLOT_NAME=%04x:%02x:%02x.%1u",
+ &domain, &bus, &dev, &func) == 4)
+{
+ found = true;
+ break;
+}
+}
+free(line);
-#define TAG "PCI_SLOT_NAME="
-str = strstr(data, TAG);
-if (str == NULL)
-return -EINVAL;
+fclose(uevent);
-if (sscanf(str, TAG "%04x:%02x:%02x.%1u",
- &domain, &bus, &dev, &func) != 4)
+if (!found)
return -EINVAL;
-#undef TAG
info->domain = domain;
info->bus = bus;
--
2.9.3
___
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel
Re: [PATCH libdrm] xf86drm: fix valgrind warning in drmParsePciBusInfo
On 01/13/2017 09:57 AM, Emil Velikov wrote: On 13 January 2017 at 11:34, Jan Vesely wrote: On Thu, 2017-01-12 at 18:16 -0800, Nicholas Miell wrote: From 714d07f600db39498c87d7816f4dd3a7e6d9bbca Mon Sep 17 00:00:00 2001 From: Nicholas Miell Date: Thu, 12 Jan 2017 15:43:07 -0800 Subject: [PATCH libdrm] xf86drm: fix valgrind warning in drmParsePciBusInfo The current implementation reads (up to) 513 bytes, overwrites the 513th byte with '\0' and then passes the buffer off to strstr() and sscanf() without ever initializing the middle bytes. This causes valgrind warnings and potentially fails to parse PCI_SLOT_NAME if the uevent is unexpectedly large. a simpler fix should also get rid of the valgrind warning: - ret = read(fd, data, sizeof(data)); - data[sizeof(data)-1] = '\0'; + ret = read(fd, data, sizeof(data) - 1); close(fd); if (ret < 0) return -errno + data[ret] = '\0'; We had this (better imho) patch a week or so ago. In either case the issue is virtually since (iirc) if the string is malformed we'll bail out either way. Simpler, but potentially stops working in the future. It already stopped working once. I think that dynamic memory allocation is still a more robust approach. Yes that might be the better solution, or one could even use getline(). The latter might be pushing it's only POSIX 2008. POSIX isn't relevant, this is a Linux-specific function. ___ dri-devel mailing list dri-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/dri-devel
