x11-randr: Improve argument check

In the current code, output should never be negative but the check
exists after we use the variable as index. Make the check earlier.

This patch also breaks the check in two in order to provide more
accurate error log.

Found by coverity:
  | check_after_sink: You might be using variable "output" before
  | verifying that it is >= 0.

Changes in v2:
- Move overflow check before accessing the arrays (Frediano)

Changes in v3:
- Move the whole check before accessing the arrays.
- Improve commit log.

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

1 files changed, 13 insertions, 5 deletions

diff --git a/src/vdagent/x11-randr.c b/src/vdagent/x11-randr.c
index c8e42c9..e461ce1 100644
--- a/src/vdagent/x11-randr.c
+++ b/src/vdagent/x11-randr.c
@@ -347,14 +347,22 @@ static int xrandr_add_and_set(struct vdagent_x11 *x11, int output, int x, int y,
     int xid;
     Status s;
     RROutput outputs[1];
-    int old_width  = x11->randr.monitor_sizes[output].width;
-    int old_height = x11->randr.monitor_sizes[output].height;
+    int old_width;
+    int old_height;
 
-    if (!x11->randr.res || output >= x11->randr.res->noutput || output < 0) {
-        syslog(LOG_ERR, "%s: program error: missing RANDR or bad output",
-               __FUNCTION__);
+    if (!x11->randr.res) {
+        syslog(LOG_ERR, "%s: program error: missing RANDR", __FUNCTION__);
         return 0;
     }
+
+    if (output < 0 || output >= x11->randr.res->noutput) {
+        syslog(LOG_ERR, "%s: program error: bad output", __FUNCTION__);
+        return 0;
+    }
+
+    old_width  = x11->randr.monitor_sizes[output].width;
+    old_height = x11->randr.monitor_sizes[output].height;
+
     if (x11->set_crtc_config_not_functional) {
         /* fail, set_best_mode will find something close. */
         return 0;