1 From 347e785fa6177b5cac29d6c361e7c54289006a7c Mon Sep 17 00:00:00 2001
2 From: Chase Douglas <chase.douglas@canonical.com>
3 Date: Mon, 13 Feb 2012 15:44:41 -0800
4 Subject: [PATCH 1/2] Don't clobber virtual core pointer touches array length
6 When copying the touch class, the VCP has its own touches array. The
7 length of this array must be kept alongside the array itself or we get
8 memory corruption.
10 Signed-off-by: Chase Douglas <chase.douglas@canonical.com>
11 ---
12 Xi/exevents.c | 9 ++++++---
13 1 files changed, 6 insertions(+), 3 deletions(-)
15 diff --git a/Xi/exevents.c b/Xi/exevents.c
16 index 671c051..51f991c 100644
17 --- a/Xi/exevents.c
18 +++ b/Xi/exevents.c
19 @@ -671,7 +671,8 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
21 if (from->touch)
22 {
23 - TouchPointInfoPtr tmp;
24 + TouchPointInfoPtr to_touches_array_tmp;
25 + int to_num_touches_tmp;
26 if (!to->touch)
27 {
28 classes = to->unused_classes;
29 @@ -692,9 +693,11 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
30 } else
31 classes->touch = NULL;
32 }
33 - tmp = to->touch->touches;
34 + to_touches_array_tmp = to->touch->touches;
35 + to_num_touches_tmp = to->touch->num_touches;
36 memcpy(to->touch, from->touch, sizeof(TouchClassRec));
37 - to->touch->touches = tmp;
38 + to->touch->touches = to_touches_array_tmp;
39 + to->touch->num_touches = to_num_touches_tmp;
40 to->touch->sourceid = from->id;
41 } else if (to->touch)
42 {
43 --
44 1.7.9