summaryrefslogtreecommitdiff
path: root/src/cairo-xlib-surface-shm.c
Commit message (Collapse)AuthorAgeFilesLines
* Don't leave the shm field uninitialized when building without shm support. Jonathan Kew2021-04-291-1/+4
| | | This can result in reading an uninitialized value in draw_image_boxes() in cairo-xlib-render-compositor.c.
* cairo-xlib: Check for maximum surface sizeUli Schlachter2021-01-131-0/+3
| | | | | | | | | | | | | X11 use uint16_t for the width/height of things. Anything too large will be truncated when sending the request to the X11 server. This commit adds a size check to a function that did not check things and then later caused a segmentation fault. Not adding a test case because the test case from the below bug report allocates 3,5 GiB of memory, which I find too much for a test. Fixes: https://gitlab.freedesktop.org/cairo/cairo/-/issues/414 Signed-off-by: Uli Schlachter <psychon@znc.in>
* Use _cairo_malloc instead of mallocAdrian Johnson2018-05-071-4/+4
| | | | | | | | | | _cairo_malloc(0) always returns NULL, but has not been used consistently. This patch replaces many calls to malloc() with _cairo_malloc(). Fixes: fdo# 101547 CVE: CVE-2017-9814 Heap buffer overflow at cairo-truetype-subset.c:1299 Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
* xlib: fix mixing xcb & xlib callsMarc-André Lureau2015-11-061-4/+4
| | | | | | | | | | | | | NextRequest is a macro that doesn't mix well with xcb, since dpy->request is not updated. Instead use XNextRequest() that was fixed to do the right thing with xcb in libX11 commit: http://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=7f8f9a36ef901f31279c385caf960a22daeb33fe This may solve application X errors when a shmdt() is called by cairo before the Attach request is processed. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Uli Schlachter <psychon@znc.in>
* Don't cull very thin lines on vector surfacesAdrian Johnson2015-10-171-1/+2
| | | | | | On vector surfaces, use a minimum line width when calculating extents. Bug 77298
* Revert "xlib: Remove queued event from _XReadEvents"Bryce Harrington2015-03-061-5/+0
| | | | This reverts commit e7fc8f405beeeb1048f69fe22923170a137b805e.
* xlib: Remove queued event from _XReadEventsHenry (Yu) Song2015-03-051-0/+5
| | | | | | Following patch fixes a memory leak in xlib surface. Reviewed-by: Bryce Harrington <bryce@osg.samsung.com>
* fix conflicting types for 'sync' on AIX, bug#89338Michael Haubenwallner2015-03-051-2/+2
|
* Correct usage of CAIRO_STACK_ARRAY_LENGTHUli Schlachter2013-11-161-2/+2
| | | | | | | This macro wants the array type as its argument and calls sizeof() on it internally. Signed-off-by: Uli Schlachter <psychon@znc.in>
* xlib/shm: More clarification of seqno requiredChris Wilson2013-01-291-3/+3
| | | | | | | Everytime I read the predicate wrong, but hopefully, this time I have it right! Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Clarify testing of seqnoChris Wilson2013-01-291-4/+16
| | | | | | | Rename the seqno tests into seqno_passed(), seqno_before() and seqno_after() in order to clarify their semantics. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Force synchronisation for scratch SHM image buffersChris Wilson2013-01-291-1/+1
| | | | | | | | | | The scratch image buffers are used for uploads to the xserver and so we must be careful not to overwrite active SHM segments. Unfortunately we told the core SHM allocator that we would sync before using the images, which was a lie. Reported-by: Michael Natterer <mitch@gimp.org> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Always request a CompletionEvent from ShmPutImageChris Wilson2013-01-291-8/+3
| | | | | | ...and treat is as an expected event for synchronisation. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Tidy up destroying the mempool for a shm blockChris Wilson2013-01-291-1/+1
| | | | Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Only destroy an existing damageChris Wilson2013-01-081-2/+4
| | | | | | _cairo_damage_destroy() does not like to be passed a NULL. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Discard damage upon shm finishChris Wilson2013-01-081-0/+3
| | | | | | | | | Both to make sure we do not leak the memory, but to also prevent _cairo_xlib_surface_put_shm() from operating upon the finished shm surface after the display is closed. Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=58253 Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Only mark the shm pixmap as active if we upload into itChris Wilson2013-01-061-9/+14
| | | | | | | Be more strict with when we mark the pixmap as active so that we only wait for the actual XCopyArea involving the pixmap to complete. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Fix typo in creation of a SHM imageChris Wilson2013-01-031-5/+3
| | | | | | | Pass along the size the caller requests, not the size of the related drawable. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Rate-limit events and only use as necessaryChris Wilson2012-12-291-33/+77
| | | | Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Populate send_event and serialChris Wilson2012-12-231-0/+4
| | | | | | | Hopefully this random choice is more meaningful than random junk. Bugzilla; https://bugs.freedesktop.org/show_bug.cgi?id=58672 Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Fix memory leakAdam Jackson2012-12-181-1/+1
| | | | | | | | Despite subclassing image surfaces, we never called down to the image surface destructor, so we leaked a pixman_image_t every time. Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=882976 Signed-off-by: Adam Jackson <ajax@redhat.com>
* xlib/shm: Need IncludeInferiors when creating the source fallbackChris Wilson2012-11-021-0/+14
| | | | | Reported-by: Benjamin Otte <otte@redhat.com> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Fix bogus assertion without shm availableChris Wilson2012-10-311-1/+1
| | | | | | | | In particular note that _cairo_xlib_surface_put_shm is indeed called and is expected to be a no-op when shm is not available. Reported-by: Thomas Klausner <wiz@NetBSD.org> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Use shmstr.h instead of shmproto.h if availableChris Wilson2012-10-281-1/+5
| | | | | | | | | Before it was known as shmproto.h, the wire protocol definition was to be found in shmstr.h, so if we don't have the current version of libXext try to use the older includes. Reported-by: Sebastian Haas <sehaas@gmail.com> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Check for XShm headersChris Wilson2012-10-281-3/+96
| | | | | | | | | Not all version of libXext ship the same set of headers, so play safe and check during configure that we have the headers we depend upon in the code. Reported-by: Sebastian Haas <sehaas@gmail.com> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib: Check for both X.org and Xorg ServerVendorsChris Wilson2012-10-261-1/+1
| | | | | | | | | | Martin Husemann reported that on his NetBSD machine the vendor was being reported as "The Xorg Foundation", a non-conformist separatist split of the Peoples' Liberation Army^W^W^W "The X.Org Foundation". Simply check for both during initialisation. Reported-by: Martin Husemann <martin@duskware.de> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Sanity check that the server handles XSendEvent with ShmCompletionChris Wilson2012-10-261-8/+69
| | | | | | | | | | Uli Schlachter suggested it would be wiser to complement our blacklist of known broken X/libXext with an explicit roundtrip to check for a BadValue error return when we try to use XSendEvent. Suggested-by: Uli Schlachter <psychon@znc.in> Reported-by: Martin Husemann <martin@duskware.de> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Sync the XShmAttach before removing the ShmSegment idChris Wilson2012-10-191-0/+3
| | | | | | | | | | | | Whilst reading through other users of XShm, it became apparent that IPC_RMID behaves differently across the platforms. Linux allows processes to attach to an existing ShmSegment id after a IPC_RMID, but for others the IPC_RMID takes immediate effect. On those platforms without a "deferred" IPC_RMID, we then need to perform the XShmAttach synchronously before perfomring the IPC_RMID. Reported-by: Thomas Klausner <wiz@NetBSD.org> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Note the bug is an interaction between libXext and xorgChris Wilson2012-10-051-3/+6
| | | | | | | | | Søren thought it was bit harsh to lay the blame solely on xorg for it crashing due to an unexpected input value, and that we should mention libXext was also partly to blame for incorrectly setting the SEND_EVENT bit in the ShmCompletionEvent. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Avoid using XSendEvent with old versions of XorgChris Wilson2012-10-051-0/+21
| | | | | | | | | | | | | | | | | | Søren Sandmann Pedersen pointed out that all versions of Xorg prior to and including xorg-1.11.0 contained a bug that would cause them to crash if they ever processed an event sent by XSendEvent. This was fixed in commit 2d2dce558d24eeea0eb011ec9ebaa6c5c2273c39 Author: Sam Spilsbury <sam.spilsbury@canonical.com> Date: Wed Sep 14 09:58:34 2011 +0800 Remove the SendEvent bit (0x80) before doing range checks on event type. so make sure we do not use XSendEvent prior to that commit, which fortuitously is quite easy as we only do so along the ShmPixmap path. Reported-by: Søren Sandmann Pedersen <ssp@redhat.com> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Discard SHM surfaces upon CloseDisplayChris Wilson2012-10-051-0/+14
| | | | | Fixes xlib-surface-source Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Masquerade as an ordinary ShmCompletionEventChris Wilson2012-08-271-80/+29
| | | | | | | Needs a bit of extra work to create the extension event, but this leaves the application with only a single spurious event to filter. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Reduce the frequency at which we emit eventsChris Wilson2012-08-241-1/+1
| | | | | | | | | | Flushing the shm operation is a fairly rare event, as it is typically only involved with mixed rendering on a similar image, and should be triggering its own events. Therefore we should be able to reduce our event emission to the critical points in order to limit the amount of extra overhead we generate. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Only check if we are expecting an eventChris Wilson2012-08-211-16/+46
| | | | | | | | | As the XCheckWindowEvent() has the unwanted side-effect of flushing the output queue when there is no event available (libX11 seems to be entirely anti-performant), we need to roll our own that only checks the already available event queue. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Use a genuine event rather than an open-ended requestChris Wilson2012-08-211-20/+60
| | | | | | | | Adding lots of requests without popping the replies causes xcb to continually sort large lists of unprocessed data. Use an event instead and regularly dequeue them. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Mark the ShmPixmap as active following an upload flushChris Wilson2012-08-181-0/+3
| | | | Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Fix runtime checking of has-shm-pixmaps for !shm caseChris Wilson2012-08-181-0/+3
| | | | Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Wrap the detection of shm with lockingChris Wilson2012-08-181-0/+6
| | | | | | | | | | | | As we access a global error variable, we need to hold a mutex against simultaneous checking of multiple Displays. This should already be true as we hold our display mutex to serialize initialisation, so just add an assertion. As the client may mix use of cairo in one thread with X from another, we need to hold the Display lock and serialise whilst manipulating the low-level state of the Display. Suggested-by: Uli Schlachter <psychon@znc.in> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Avoid using a synchronous ShmCreatePixmap if evading the readbackChris Wilson2012-08-181-1/+4
| | | | Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Clear the similar image surfaceChris Wilson2012-08-171-1/+9
| | | | | | | The upper layers check that the surface returned to userspace is cleared; make it so. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Use an impromptu upload ShmSegmentChris Wilson2012-08-171-13/+26
| | | | | | | | Reduce the number of copies required for uploading large image data. Ultimately we want the client to allocate the similar-image itself to acheive zero copy, this is just an intermediate step for legacy clients. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Limit use of the impromptu fallback pixmap for uploadsChris Wilson2012-08-171-1/+7
| | | | | | | We want to avoid unnecessary readback and so only want to use the ShmPixmap when uploading the complete surface. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Propagate the last-request to the synchronous createChris Wilson2012-08-171-3/+6
| | | | | | | If we optimise away the pending frees we must be careful to propagate the implied sync. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib/shm: Fix up the shrinking of the priority queueChris Wilson2012-08-171-1/+1
| | | | Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
* xlib: Implement SHM fallbacks and fast upload pathsChris Wilson2012-08-171-0/+1119
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
View Lorry Controller Status