haiku: Fix crash when opening window.

- _num_clips was not set in constructor, so a NULL _clips could be
  mistakenly dereferenced.
- As _clips is accessible outside the class, it is not a good idea to
  free/reallocate it. Try to limit this by reallocating only when it needs to
  grow.

Partially fixes Bugzilla #4442.
This commit is contained in:
Adrien Destugues 2019-11-11 22:14:00 -05:00
parent 50806eeea2
commit 3b516e633b
1 changed files with 10 additions and 5 deletions

View File

@ -86,6 +86,7 @@ class SDL_BWin:public BDirectWindow
_buffer_locker = new BLocker(); _buffer_locker = new BLocker();
_bitmap = NULL; _bitmap = NULL;
_clips = NULL; _clips = NULL;
_num_clips = 0;
#ifdef DRAWTHREAD #ifdef DRAWTHREAD
_draw_thread_id = spawn_thread(HAIKU_DrawThread, "drawing_thread", _draw_thread_id = spawn_thread(HAIKU_DrawThread, "drawing_thread",
@ -179,13 +180,17 @@ class SDL_BWin:public BDirectWindow
_connected = true; _connected = true;
case B_DIRECT_MODIFY: case B_DIRECT_MODIFY:
if(_clips) { if (info->clip_list_count > _num_clips)
free(_clips); {
_clips = NULL; if(_clips) {
free(_clips);
_clips = NULL;
}
} }
_num_clips = info->clip_list_count; _num_clips = info->clip_list_count;
_clips = (clipping_rect *)malloc(_num_clips*sizeof(clipping_rect)); if (_clips == NULL)
_clips = (clipping_rect *)malloc(_num_clips*sizeof(clipping_rect));
if(_clips) { if(_clips) {
memcpy(_clips, info->clip_list, memcpy(_clips, info->clip_list,
_num_clips*sizeof(clipping_rect)); _num_clips*sizeof(clipping_rect));
@ -652,7 +657,7 @@ private:
clipping_rect _bounds; clipping_rect _bounds;
BLocker *_buffer_locker; BLocker *_buffer_locker;
clipping_rect *_clips; clipping_rect *_clips;
int32 _num_clips; uint32 _num_clips;
int32 _bytes_per_px; int32 _bytes_per_px;
thread_id _draw_thread_id; thread_id _draw_thread_id;