From 506cebe7bffb19f9310565b82231a08cc8e77ece Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun, 21 Jul 2024 11:22:29 -0700
Subject: XvQueryEncodings: avoid NULL deref if length is 0, but num_encodings
 is not
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Found by gcc 14.1:
Xv.c: In function ‘XvQueryEncodings’:
Xv.c:387:31: warning: dereference of NULL ‘<unknown>’ [CWE-476]
 [-Wanalyzer-null-dereference]
  387 |         pe->encoding_id = u.pe->encoding;
      |                           ~~~~^~~~~~~~~~

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxv/-/merge_requests/7>
---
 src/Xv.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/Xv.c b/src/Xv.c
index 2a7e6c5..dc1e5f9 100644
--- a/src/Xv.c
+++ b/src/Xv.c
@@ -357,6 +357,10 @@ XvQueryEncodings(
         }
         _XRead(dpy, buffer, (long) size);
     }
+    else if (rep.num_encodings != 0) {
+        status = XvBadReply;
+        goto out;
+    }
 
     /* GET ENCODINGS */
 
-- 
cgit v1.2.3