• Olivier Fourdan's avatar
    xwayland: Avoid a crash on pointer enter with a grab · 0a074463
    Olivier Fourdan authored
    On pointer enter notification, Xwayland checks for an existing pointer
    warp with a `NULL` sprite.
    In turn, `xwl_pointer_warp_emulator_maybe_lock()` checks for an existing
    grab and the destination window using `XYToWindow()` which does not
    check for the actual sprite not being `NULL`.
    So, in some cases, when the pointer enters the surface and there is an
    existing X11 grab which is not an ownerEvents grab, Xwayland would crash
    trying to dereference the `NULL` sprite pointer:
      #0  __GI_raise ()
      #1  __GI_abort () at abort.c:79
      #2  OsAbort () at utils.c:1351
      #3  AbortServer () at log.c:879
      #4  FatalError () at log.c:1017
      #5  OsSigHandler () at osinit.c:156
      #6  OsSigHandler () at osinit.c:110
      #7  <signal handler called>
      #8  XYToWindow (pSprite=0x0, x=0, y=0) at events.c:2880
      #9  xwl_pointer_warp_emulator_maybe_lock () at xwayland-input.c:2673
      #10 pointer_handle_enter () at xwayland-input.c:434
    Avoid the crash by simply checking for the sprite being not `NULL` in
    Signed-off-by: 's avatarOlivier Fourdan <ofourdan@redhat.com>
    Bugzilla: https://bugzilla.redhat.com/1708119
Last commit
Last update
dmx Loading commit data...
kdrive Loading commit data...
vfb Loading commit data...
xfree86 Loading commit data...
xnest Loading commit data...
xquartz Loading commit data...
xwayland Loading commit data...
xwin Loading commit data...
Makefile.am Loading commit data...
meson.build Loading commit data...