On Mon, Jul 08, 2013 at 06:59:45PM +0100, Rob Bradford wrote:
> From: Rob Bradford <[email protected]>
>
> The RDP compositor dynamically creates and destroys seats for the
> different connecting clients. Althrough the memory for the seat was
> being freed and it was also being removed from the list of seats in the
> compositor the client was not being informed of that the seat was no
> longer a valid global. Because the client still thought this global was
> valid when it tried to bind it the compositor would attempt to access
> freed memory.
>
> https://bugs.freedesktop.org/show_bug.cgi?id=65913
Argh, I'm sorry, I just committed the exact same patch after reading
your analysis in the bug. I thought you were done for the day and I
wanted to get the fix in for the release candidate so I just went
ahead and did it. I wish I could rebase it and apply your patch, but
it's already pushed. Thanks for tracking the issue down.
Kristian
> ---
> src/compositor.h | 1 +
> src/input.c | 7 ++++---
> 2 files changed, 5 insertions(+), 3 deletions(-)
>
> diff --git a/src/compositor.h b/src/compositor.h
> index 8070409..0c5623f 100644
> --- a/src/compositor.h
> +++ b/src/compositor.h
> @@ -469,6 +469,7 @@ struct weston_seat {
>
> struct input_method *input_method;
> char *seat_name;
> + struct wl_global *global;
> };
>
> enum {
> diff --git a/src/input.c b/src/input.c
> index 644487a..ed114de 100644
> --- a/src/input.c
> +++ b/src/input.c
> @@ -1531,8 +1531,8 @@ weston_seat_init(struct weston_seat *seat, struct
> weston_compositor *ec,
> wl_list_init(&seat->drag_resource_list);
> wl_signal_init(&seat->destroy_signal);
>
> - wl_display_add_global(ec->wl_display, &wl_seat_interface, seat,
> - bind_seat);
> + seat->global = wl_display_add_global(ec->wl_display, &wl_seat_interface,
> + seat, bind_seat);
>
> seat->compositor = ec;
> seat->modifier_state = 0;
> @@ -1550,7 +1550,8 @@ WL_EXPORT void
> weston_seat_release(struct weston_seat *seat)
> {
> wl_list_remove(&seat->link);
> - /* The global object is destroyed at wl_display_destroy() time. */
> +
> + wl_display_remove_global(seat->compositor->wl_display, seat->global);
>
> #ifdef ENABLE_XKBCOMMON
> if (seat->compositor->use_xkbcommon) {
> --
> 1.8.3.1
>
> _______________________________________________
> wayland-devel mailing list
> [email protected]
> http://lists.freedesktop.org/mailman/listinfo/wayland-devel
_______________________________________________
wayland-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/wayland-devel
