Currently, it is not possible to correctly iterate over the replies of
some requests. For example, the list of XIDeviceInfo returned by
the XIQueryDevice request from xinput2 is read as garbage starting from
the second entry.
The culprits are the _sizeof() used by the iterators. In the above case:
int
xcb_input_xi_device_info_sizeof (const void *_buffer /**< */)
{
char *xcb_tmp = (char *)_buffer;
[...]
unsigned int xcb_block_len = 0;
[...]
xcb_block_len += sizeof(xcb_input_xi_device_info_t);
xcb_tmp += xcb_block_len;
/* name */
xcb_block_len += (((_aux->name_len + 3) / 4) * 4) * sizeof(char);
xcb_tmp += xcb_block_len;
[...]
}
The problem here is that `xcb_block_len` is not zero'd right above the
`/* name */` comment, causing `xcb_tmp` to be incremented by
`sizeof(xcb_input_xi_device_info_t)` twice. The returned size is too
large.
https://bugs.freedesktop.org/show_bug.cgi?id=68387
Tested-by: Ran Benita <ran234@gmail.com>
Reviewed-by: Ran Benita <ran234@gmail.com>
Reviewed-by: Daniel Martin <consume.noise@gmail.com>
Signed-off-by: Ran Benita <ran234@gmail.com>
Signed-off-by: Julien Cristau <jcristau@debian.org>
if context in ('unserialize', 'unpack', 'sizeof') and not self.var_followed_by_fixed_fields:
code_lines.append('%s xcb_block_len += sizeof(%s);' % (space, self.c_type))
code_lines.append('%s xcb_tmp += xcb_block_len;' % space)
- # probably not needed
- #_c_serialize_helper_insert_padding(context, code_lines, space, False)
+ code_lines.append('%s xcb_buffer_len += xcb_block_len;' % space)
+ code_lines.append('%s xcb_block_len = 0;' % space)
count += _c_serialize_helper_fields(context, self,
code_lines, temp_vars,
projects / platform / upstream / libxcb.git / commitdiff