File: | Xi/queryst.c |
Location: | line 114, column 20 |
Description: | Call to 'calloc' has an allocation size of 0 bytes |
1 | /* | |||
2 | ||||
3 | Copyright 1998, 1998 The Open Group | |||
4 | ||||
5 | Permission to use, copy, modify, distribute, and sell this software and its | |||
6 | documentation for any purpose is hereby granted without fee, provided that | |||
7 | the above copyright notice appear in all copies and that both that | |||
8 | copyright notice and this permission notice appear in supporting | |||
9 | documentation. | |||
10 | ||||
11 | The above copyright notice and this permission notice shall be included | |||
12 | in all copies or substantial portions of the Software. | |||
13 | ||||
14 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS | |||
15 | OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF | |||
16 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. | |||
17 | IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR | |||
18 | OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, | |||
19 | ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR | |||
20 | OTHER DEALINGS IN THE SOFTWARE. | |||
21 | ||||
22 | Except as contained in this notice, the name of The Open Group shall | |||
23 | not be used in advertising or otherwise to promote the sale, use or | |||
24 | other dealings in this Software without prior written authorization | |||
25 | from The Open Group. | |||
26 | ||||
27 | */ | |||
28 | ||||
29 | /*********************************************************************** | |||
30 | * | |||
31 | * Request to query the state of an extension input device. | |||
32 | * | |||
33 | */ | |||
34 | ||||
35 | #ifdef HAVE_DIX_CONFIG_H1 | |||
36 | #include <dix-config.h> | |||
37 | #endif | |||
38 | ||||
39 | #include "inputstr.h" /* DeviceIntPtr */ | |||
40 | #include "windowstr.h" /* window structure */ | |||
41 | #include <X11/extensions/XI.h> | |||
42 | #include <X11/extensions/XIproto.h> | |||
43 | #include "exevents.h" | |||
44 | #include "exglobals.h" | |||
45 | #include "xkbsrv.h" | |||
46 | #include "xkbstr.h" | |||
47 | ||||
48 | #include "queryst.h" | |||
49 | ||||
50 | /*********************************************************************** | |||
51 | * | |||
52 | * This procedure allows a client to query the state of a device. | |||
53 | * | |||
54 | */ | |||
55 | ||||
56 | int | |||
57 | SProcXQueryDeviceState(ClientPtr client) | |||
58 | { | |||
59 | REQUEST(xQueryDeviceStateReq)xQueryDeviceStateReq *stuff = (xQueryDeviceStateReq *)client-> requestBuffer; | |||
60 | swaps(&stuff->length)do { if (sizeof(*(&stuff->length)) != 2) wrong_size(); if (__builtin_constant_p((uintptr_t)(&stuff->length) & 1) && ((uintptr_t)(&stuff->length) & 1) == 0) *(&stuff->length) = lswaps(*(&stuff->length )); else swap_uint16((uint16_t *)(&stuff->length)); } while (0); | |||
61 | return (ProcXQueryDeviceState(client)); | |||
62 | } | |||
63 | ||||
64 | /*********************************************************************** | |||
65 | * | |||
66 | * This procedure allows frozen events to be routed. | |||
67 | * | |||
68 | */ | |||
69 | ||||
70 | int | |||
71 | ProcXQueryDeviceState(ClientPtr client) | |||
72 | { | |||
73 | int rc, i; | |||
74 | int num_classes = 0; | |||
75 | int total_length = 0; | |||
| ||||
76 | char *buf, *savbuf; | |||
77 | KeyClassPtr k; | |||
78 | xKeyState *tk; | |||
79 | ButtonClassPtr b; | |||
80 | xButtonState *tb; | |||
81 | ValuatorClassPtr v; | |||
82 | xValuatorState *tv; | |||
83 | xQueryDeviceStateReply rep; | |||
84 | DeviceIntPtr dev; | |||
85 | double *values; | |||
86 | ||||
87 | REQUEST(xQueryDeviceStateReq)xQueryDeviceStateReq *stuff = (xQueryDeviceStateReq *)client-> requestBuffer; | |||
88 | REQUEST_SIZE_MATCH(xQueryDeviceStateReq)if ((sizeof(xQueryDeviceStateReq) >> 2) != client->req_len ) return(16); | |||
89 | ||||
90 | rc = dixLookupDevice(&dev, stuff->deviceid, client, DixReadAccess(1<<0)); | |||
91 | if (rc != Success0 && rc != BadAccess10) | |||
92 | return rc; | |||
93 | ||||
94 | v = dev->valuator; | |||
95 | if (v != NULL((void*)0) && v->motionHintWindow != NULL((void*)0)) | |||
96 | MaybeStopDeviceHint(dev, client); | |||
97 | ||||
98 | k = dev->key; | |||
99 | if (k != NULL((void*)0)) { | |||
100 | total_length += sizeof(xKeyState); | |||
101 | num_classes++; | |||
102 | } | |||
103 | ||||
104 | b = dev->button; | |||
105 | if (b != NULL((void*)0)) { | |||
106 | total_length += sizeof(xButtonState); | |||
107 | num_classes++; | |||
108 | } | |||
109 | ||||
110 | if (v != NULL((void*)0)) { | |||
111 | total_length += (sizeof(xValuatorState) + (v->numAxes * sizeof(int))); | |||
112 | num_classes++; | |||
113 | } | |||
114 | buf = (char *) calloc(total_length, 1); | |||
| ||||
115 | if (!buf) | |||
116 | return BadAlloc11; | |||
117 | savbuf = buf; | |||
118 | ||||
119 | if (k != NULL((void*)0)) { | |||
120 | tk = (xKeyState *) buf; | |||
121 | tk->class = KeyClass0; | |||
122 | tk->length = sizeof(xKeyState); | |||
123 | tk->num_keys = k->xkbInfo->desc->max_key_code - | |||
124 | k->xkbInfo->desc->min_key_code + 1; | |||
125 | if (rc != BadAccess10) | |||
126 | for (i = 0; i < 32; i++) | |||
127 | tk->keys[i] = k->down[i]; | |||
128 | buf += sizeof(xKeyState); | |||
129 | } | |||
130 | ||||
131 | if (b != NULL((void*)0)) { | |||
132 | tb = (xButtonState *) buf; | |||
133 | tb->class = ButtonClass1; | |||
134 | tb->length = sizeof(xButtonState); | |||
135 | tb->num_buttons = b->numButtons; | |||
136 | if (rc != BadAccess10) | |||
137 | memcpy(tb->buttons, b->down, sizeof(b->down))__builtin___memcpy_chk (tb->buttons, b->down, sizeof(b-> down), __builtin_object_size (tb->buttons, 0)); | |||
138 | buf += sizeof(xButtonState); | |||
139 | } | |||
140 | ||||
141 | if (v != NULL((void*)0)) { | |||
142 | tv = (xValuatorState *) buf; | |||
143 | tv->class = ValuatorClass2; | |||
144 | tv->length = sizeof(xValuatorState) + v->numAxes * 4; | |||
145 | tv->num_valuators = v->numAxes; | |||
146 | tv->mode = valuator_get_mode(dev, 0); | |||
147 | tv->mode |= (dev->proximity && | |||
148 | !dev->proximity->in_proximity) ? OutOfProximity(1L << 1) : 0; | |||
149 | buf += sizeof(xValuatorState); | |||
150 | for (i = 0, values = v->axisVal; i < v->numAxes; i++) { | |||
151 | if (rc != BadAccess10) | |||
152 | *((int *) buf) = *values; | |||
153 | values++; | |||
154 | if (client->swapped) { | |||
155 | swapl((int *) buf)do { if (sizeof(*((int *) buf)) != 4) wrong_size(); if (__builtin_constant_p ((uintptr_t)((int *) buf) & 3) && ((uintptr_t)((int *) buf) & 3) == 0) *((int *) buf) = lswapl(*((int *) buf )); else swap_uint32((uint32_t *)((int *) buf)); } while (0); | |||
156 | } | |||
157 | buf += sizeof(int); | |||
158 | } | |||
159 | } | |||
160 | ||||
161 | rep = (xQueryDeviceStateReply) { | |||
162 | .repType = X_Reply1, | |||
163 | .RepType = X_QueryDeviceState30, | |||
164 | .sequenceNumber = client->sequence, | |||
165 | .length = bytes_to_int32(total_length), | |||
166 | .num_classes = num_classes | |||
167 | }; | |||
168 | WriteReplyToClient(client, sizeof(xQueryDeviceStateReply), &rep){ if ((client)->swapped) (*ReplySwapVector[((xReq *)(client )->requestBuffer)->reqType]) (client, (int)(sizeof(xQueryDeviceStateReply )), &rep); else WriteToClient(client, (int)(sizeof(xQueryDeviceStateReply )), (&rep)); }; | |||
169 | if (total_length > 0) | |||
170 | WriteToClient(client, total_length, savbuf); | |||
171 | free(savbuf); | |||
172 | return Success0; | |||
173 | } | |||
174 | ||||
175 | /*********************************************************************** | |||
176 | * | |||
177 | * This procedure writes the reply for the XQueryDeviceState function, | |||
178 | * if the client and server have a different byte ordering. | |||
179 | * | |||
180 | */ | |||
181 | ||||
182 | void | |||
183 | SRepXQueryDeviceState(ClientPtr client, int size, xQueryDeviceStateReply * rep) | |||
184 | { | |||
185 | swaps(&rep->sequenceNumber)do { if (sizeof(*(&rep->sequenceNumber)) != 2) wrong_size (); if (__builtin_constant_p((uintptr_t)(&rep->sequenceNumber ) & 1) && ((uintptr_t)(&rep->sequenceNumber ) & 1) == 0) *(&rep->sequenceNumber) = lswaps(*(& rep->sequenceNumber)); else swap_uint16((uint16_t *)(& rep->sequenceNumber)); } while (0); | |||
186 | swapl(&rep->length)do { if (sizeof(*(&rep->length)) != 4) wrong_size(); if (__builtin_constant_p((uintptr_t)(&rep->length) & 3) && ((uintptr_t)(&rep->length) & 3) == 0 ) *(&rep->length) = lswapl(*(&rep->length)); else swap_uint32((uint32_t *)(&rep->length)); } while (0); | |||
187 | WriteToClient(client, size, rep); | |||
188 | } |