From f23f0ebf1b659208d5036e10ab1f32249a2e1a4c Mon Sep 17 00:00:00 2001
From: Daniel P. Berrange <dan@berrange.com>
Date: Mon, 22 Nov 2010 21:18:29 +0000
Subject: Avoid crash in motion event & vnc_display_get_pixbuf

If a mouse event occurs before a connection completes setup
priv->fb will be NULL and a crash can occur. Likewise if
vnc_display_get_pixbuf() is called before priv->fb is set,
then a crash occurs. Add checks for NULL in both cases
---
diff --git a/src/vncdisplay.c b/src/vncdisplay.c
index 55fbcf4..0b7e800 100644
--- a/src/vncdisplay.c
+++ b/src/vncdisplay.c
@@ -557,6 +557,9 @@ static gboolean motion_event(GtkWidget *widget, GdkEventMotion *motion)
 	if (priv->conn == NULL || !vnc_connection_is_initialized(priv->conn))
 		return FALSE;
 
+	if (!priv->fb)
+		return FALSE;
+
 	fbw = vnc_framebuffer_get_width(VNC_FRAMEBUFFER(priv->fb));
 	fbh = vnc_framebuffer_get_height(VNC_FRAMEBUFFER(priv->fb));
 
@@ -2050,6 +2053,9 @@ GdkPixbuf *vnc_display_get_pixbuf(VncDisplay *obj)
 	    !vnc_connection_is_initialized(priv->conn))
 		return NULL;
 
+	if (!priv->fb)
+		return NULL;
+
 	fb = VNC_FRAMEBUFFER(priv->fb);
 	surface = vnc_cairo_framebuffer_get_surface(priv->fb);
 	content = cairo_surface_get_content(surface) | CAIRO_CONTENT_COLOR;
--
cgit v0.8.3.1