DO NOT REPLY TO THIS MESSAGE. INSTEAD, POST ANY RESPONSES TO THE LINK BELOW.
[STR New] Link: http://www.fltk.org/str.php?L2277 Version: 1.3-current 1. It seemed that there is memory issue in the original Fl_x.cpp (removed in the patch): 890 if (bytesread) { // append to the accumulated buffer 891 buffer = (unsigned char*)realloc(buffer, bytesread+count*format/8+remaining); 892 memcpy(buffer+bytesread, portion, count*format/8); 893 XFree(portion); 894 } else { // Use the first section without moving the memory: 895 buffer = portion; 896 } 897 bytesread += count*format/8; 898 buffer[bytesread] = 0; ~~~~~~~~~~~~~~~~~~~~~~ The code in ine 898 is dangeous if remaining = 0 and realloc was called. I am not sure whether this will happen. Maybe sometimes for pasting from X's Clipboard? 2. >I have not looked in enough detail yet (not at an X11 box) but it looks >as if there may be a double-free of "portion", and also as if "portion" >may be accessed after being free'd. Whould you like to tell me the condition in which double-free and access after being free'd will happen? Thanks. 3. I upload a new patch againt fltk-1.3.x-r7513. The original patches work well for X's Primary Selection (middle mouse). But I found that the old patches add redundant NULL character(^@) for X's Clipboard. The new patch is a one-line-fix against the original patch. It seemed that Primary Selection(middle mouse) or Clipboard (^c ^v) both work now. At last, here are codes relation to portion: 891 unsigned char* portion; 892 if (XGetWindowProperty(fl_display, 893 fl_xevent->xselection.requestor, 894 fl_xevent->xselection.property, 895 bytesread/4, 65536, 1, 0, 896 &actual, &format, &count, &remaining, 897 &portion)) break; // quit on error 898 if (actual == TARGETS || actual == XA_ATOM) 899 Atom type = XA_STRING; 900 for (unsigned i = 0; i<count; i++) { 901 Atom t = ((Atom*)portion)[i]; 902 if (t == fl_Xatextplainutf || 903 t == fl_Xatextplain || 904 t == fl_XaUtf8String) {type = t; break;} 905 // rest are only used if no utf-8 available: 906 if (t == fl_XaText || 907 t == fl_XaTextUriList || 908 t == fl_XaCompoundText) type = t; 909 } 910 XFree(portion); --will surely return if this happened 911 Atom property = xevent.xselection.property; 912 XConvertSelection(fl_display, property, type, property, 913 fl_xid(Fl::first_window()), 914 fl_event_time); 915 return true; 916 } --If the condition in Line 898 is false. 917 XTextProperty text_prop; 918 text_prop.value=portion; 919 text_prop.format=format; 920 text_prop.encoding=actual; 921 text_prop.nitems=count; 922 char **text_list; 923 int list_count; 924 Xutf8TextPropertyToTextList(fl_display, 925 (const XTextProperty*)&text_prop, &text_list, &list_count); 926 int bytesnew = strlen(*text_list)+1; 927 XFree(portion); --portion will not be used again. 928 buffer = (unsigned char*)realloc(buffer, bytesread+bytesnew+remaining ); 929 memcpy(buffer+bytesread, *text_list, bytesnew); 930 XFreeStringList(text_list); 931 bytesread += bytesnew - 1; 932 if (!remaining) break; 933 } Link: http://www.fltk.org/str.php?L2277 Version: 1.3-current _______________________________________________ fltk-bugs mailing list [email protected] http://lists.easysw.com/mailman/listinfo/fltk-bugs
