pvfb: PVFB SDL backend chokes on bogus screen updates
authorKeir Fraser <keir.fraser@citrix.com>
Thu, 6 Dec 2007 16:34:56 +0000 (16:34 +0000)
committerKeir Fraser <keir.fraser@citrix.com>
Thu, 6 Dec 2007 16:34:56 +0000 (16:34 +0000)
Bogus screen update requests from a buggy or malicious frontend make SDL
crash.  The VNC backend silently ignores them.  Catch and log them.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
xen-unstable changeset:   16386:614dad9f8fdcda21b5e0083cce3320b17bfcefdd
xen-unstable date:        Fri Nov 16 16:53:43 2007 +0000

tools/xenfb/xenfb.c

index eb46de1c92fe8451d3eea4ff0e6bc00ef33a45b6..e484937651270057620714e63af45a0e7aad7b0d 100644 (file)
 
 #include "xenfb.h"
 
+#ifndef MIN
+#define MIN(a, b) (((a) < (b)) ? (a) : (b))
+#endif
+#ifndef MAX
+#define MAX(a, b) (((a) > (b)) ? (a) : (b))
+#endif
+
 // FIXME defend against malicious frontend?
 
 struct xenfb_device {
@@ -617,6 +624,7 @@ static void xenfb_on_fb_event(struct xenfb_private *xenfb)
 {
        uint32_t prod, cons;
        struct xenfb_page *page = xenfb->fb.page;
+       int x, y, w, h;
 
        prod = page->out_prod;
        if (prod == page->out_cons)
@@ -627,10 +635,28 @@ static void xenfb_on_fb_event(struct xenfb_private *xenfb)
 
                switch (event->type) {
                case XENFB_TYPE_UPDATE:
-                    if (xenfb->pub.update)
+                       if (!xenfb->pub.update)
+                               break;
+                       x = MAX(event->update.x, 0);
+                       y = MAX(event->update.y, 0);
+                       w = MIN(event->update.width, xenfb->pub.width - x);
+                       h = MIN(event->update.height, xenfb->pub.height - y);
+                       if (w < 0 || h < 0) {
+                               fprintf(stderr, "%s bogus update ignored\n",
+                                       xenfb->fb.nodename);
+                               break;
+                       }
+                       if (x != event->update.x || y != event->update.y
+                           || w != event->update.width
+                           || h != event->update.height) {
+                               fprintf(stderr, "%s bogus update clipped\n",
+                                       xenfb->fb.nodename);
+                               break;
+                       }
                        xenfb->pub.update(&xenfb->pub,
                                          event->update.x, event->update.y,
-                                         event->update.width, event->update.height);
+                                         event->update.width,
+                                         event->update.height);
                     break;
                }
        }
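Review bot: The values that get validated are not the values that get used: `x`, `y`, `w` and `h` are checked, but the call still passes `event->update.x` and friends, re-read from `event`. The `MIN`/`MAX` macros added in the first hunk also evaluate their arguments twice, so each field is fetched several times between check and use. `event` is assigned outside this hunk; if it points into the page shared with the frontend (`xenfb->fb.page`), a frontend that rewrites the fields after the comparison can still hand SDL an out-of-range rectangle. I would snapshot the four fields into locals once (`int ux, uy, uw, uh;` declared next to `x, y, w, h`), run the checks on the copies and pass the checked locals to the callback, with whatever compiler barrier this file already uses after the copy so the reads are not re-issued. The function body starts and ends outside the hunk.

```c
		case XENFB_TYPE_UPDATE:
			if (!xenfb->pub.update)
				break;
			/* Read each field exactly once; event may live in frontend-writable memory. */
			ux = event->update.x;
			uy = event->update.y;
			uw = event->update.width;
			uh = event->update.height;
			x = MAX(ux, 0);
			y = MAX(uy, 0);
			w = MIN(uw, xenfb->pub.width - x);
			h = MIN(uh, xenfb->pub.height - y);
			/* … unchanged: "bogus update ignored" check on w < 0 || h < 0 … */
			if (x != ux || y != uy || w != uw || h != uh) {
				/* … unchanged: "bogus update clipped" log and break … */
			}
			/* Pass the values that were checked, not a fresh read of event. */
			xenfb->pub.update(&xenfb->pub, x, y, w, h);
```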