cdd0352ba0
Xwayland would crash in some circumstances while trying to issue a pointer locking when the cursor is hidden when there is no seat focus window set. The crash signature looks like: #0 zwp_pointer_constraints_v1_lock_pointer () #1 xwl_pointer_warp_emulator_lock () at xwayland-input.c:2584 #2 xwl_seat_maybe_lock_on_hidden_cursor () at xwayland-input.c:2756 #3 xwl_seat_maybe_lock_on_hidden_cursor () at xwayland-input.c:2765 #4 xwl_seat_cursor_visibility_changed () at xwayland-input.c:2768 #5 xwl_set_cursor () at xwayland-cursor.c:245 #6 miPointerUpdateSprite () at mipointer.c:468 #7 miPointerDisplayCursor () at mipointer.c:206 #8 CursorDisplayCursor () at cursor.c:150 #9 AnimCurDisplayCursor () at animcur.c:220 #10 ChangeToCursor () at events.c:936 #11 ActivatePointerGrab () at events.c:1542 #12 GrabDevice () at events.c:5120 #13 ProcGrabPointer () at events.c:4908 #14 Dispatch () at dispatch.c:478 #15 dix_main () at main.c:276 xwl_pointer_warp_emulator_lock() tries to use the surface from the xwl_seat->focus_window leading to a NULL pointer dereference when that value is NULL. Check that xwl_seat->focus_window is not NULL earlier in the stack in xwl_seat_maybe_lock_on_hidden_cursor() and return early if not the case to avoid the crash. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=102474 Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> Acked-by: Peter Hutterer <peter.hutterer@who-t.net> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| Makefile.am | ||
| drm.xml | ||
| meson.build | ||
| xwayland-cursor.c | ||
| xwayland-cvt.c | ||
| xwayland-glamor-xv.c | ||
| xwayland-glamor.c | ||
| xwayland-input.c | ||
| xwayland-output.c | ||
| xwayland-shm.c | ||
| xwayland-vidmode.c | ||
| xwayland.c | ||
| xwayland.h | ||