sway-patched-tray-menu-github/sway
Rouven Czerwinski 3ead287064 view: set xdg_decoration->view to NULL, check decoration destroy
Fixes heap-use-after-free:

==32046==ERROR: AddressSanitizer: heap-use-after-free on address 0x615000064d20 at pc 0x55571ce4d303 bp 0x7fff545c64c0 sp 0x7fff545c64b0
WRITE of size 8 at 0x615000064d20 thread T0
    #0 0x55571ce4d302 in xdg_decoration_handle_destroy ../sway/xdg_decoration.c:13
    #1 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
    #2 0x7f64009d3c46 in toplevel_decoration_handle_resource_destroy ../types/wlr_xdg_decoration_v1.c:65
    #3 0x7f6400a19f8d  (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7f8d)
    #4 0x7f6400a19fed in wl_resource_destroy (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7fed)
    #5 0x7f64009d3d1f in toplevel_decoration_handle_surface_destroy ../types/wlr_xdg_decoration_v1.c:82
    #6 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
    #7 0x7f64009b059c in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:453
    #8 0x7f64009b0688 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:483
    #9 0x7f64009af08c in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
    #10 0x7f6400a19f8d  (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7f8d)
    #11 0x7f6400a1e211  (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0xc211)
    #12 0x7f6400a1e6fe  (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0xc6fe)
    #13 0x7f6400a1a0ec in wl_client_destroy (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x80ec)
    #14 0x7f6400a1a1c4  (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x81c4)
    #15 0x7f6400a1b941 in wl_event_loop_dispatch (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x9941)
    #16 0x7f6400a1a569 in wl_display_run (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x8569)
    #17 0x55571ce4c7fd in server_run ../sway/server.c:214
    #18 0x55571ce4ad59 in main ../sway/main.c:405
    #19 0x7f640071109a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
    #20 0x55571ce2cfa9 in _start (/usr/local/bin/sway+0x35fa9)

0x615000064d20 is located 32 bytes inside of 504-byte region [0x615000064d00,0x615000064ef8)
freed by thread T0 here:
    #0 0x7f6401531b70 in free (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xedb70)
    #1 0x55571ce6c72b in destroy ../sway/desktop/xdg_shell.c:252
    #2 0x55571cee3f7b in view_destroy ../sway/tree/view.c:60
    #3 0x55571cee4090 in view_begin_destroy ../sway/tree/view.c:73
    #4 0x55571ce6dd95 in handle_destroy ../sway/desktop/xdg_shell.c:464
    #5 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
    #6 0x7f64009b059c in reset_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:453
    #7 0x7f64009b0688 in destroy_xdg_surface ../types/xdg_shell/wlr_xdg_surface.c:483
    #8 0x7f64009af08c in xdg_client_handle_resource_destroy ../types/xdg_shell/wlr_xdg_shell.c:71
    #9 0x7f6400a19f8d  (/usr/lib/x86_64-linux-gnu/libwayland-server.so.0+0x7f8d)

previously allocated by thread T0 here:
    #0 0x7f6401532138 in calloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xee138)
    #1 0x55571ce6df39 in handle_xdg_shell_surface ../sway/desktop/xdg_shell.c:485
    #2 0x7f64009d6f36 in wlr_signal_emit_safe ../util/signal.c:29
    #3 0x7f64009b0167 in handle_xdg_surface_commit ../types/xdg_shell/wlr_xdg_surface.c:350
    #4 0x7f64009ce2a5 in surface_commit_pending ../types/wlr_surface.c:372
    #5 0x7f64009ce523 in surface_commit ../types/wlr_surface.c:444
    #6 0x7f63ff63ddad in ffi_call_unix64 (/usr/lib/x86_64-linux-gnu/libffi.so.6+0x5dad)

Fixes #3759
2019-02-23 03:03:03 -05:00
Name               Date                        Last commit
commands           2019-02-22 08:13:51 +01:00  move scratchpad: hide visible scratchpad container
config             2019-02-19 16:34:07 +01:00  Don't use SOCK_CLOEXEC
desktop            2019-02-23 03:03:03 -05:00  view: set xdg_decoration->view to NULL, check decoration destroy
input              2019-02-22 13:32:34 +01:00  input/cursor: allow whole-window bindings on ws
tree               2019-02-21 21:18:03 +01:00  Handle NULL from output_get_active_workspace
commands.c         2019-02-05 07:15:25 -05:00  Fix quote stripping
config.c           2019-02-16 23:37:36 +01:00  Fix reload freeze when not modsetting current mode
criteria.c         2019-02-01 11:51:03 +00:00  Revert "Add some missing frees."
debug-tree.c       2019-01-21 12:59:42 +01:00  Replace wlr_log with sway_log
decoration.c       2018-11-15 15:22:09 +10:00  Fix double free when unmapping any view
ipc-json.c         2019-02-21 21:18:03 +01:00  Handle NULL from output_get_active_workspace
ipc-server.c       2019-02-06 15:16:48 +01:00  ipc_has_event_listeners: fix inverted check of subscribed_events
main.c             2019-02-21 11:32:55 +01:00  run_as_ipc_client: free response after running the IPC command
meson.build        2019-01-31 22:58:52 -05:00  pointer_constraint: change to a seat subcommand
security.c         2018-11-25 17:19:43 +01:00  Replace _XOPEN_SOURCE with _POSIX_C_SOURCE
server.c           2019-02-20 11:16:05 +01:00  Add wp-primary-selection-unstable-v1
sway-bar.5.scd     2019-01-31 08:42:29 -05:00  Updates for scdoc 1.8.1
sway-input.5.scd   2019-02-16 23:50:37 +01:00  sway-input.5: document wildcard and identifier troubleshooting
sway-output.5.scd  2019-01-28 21:36:48 -05:00  Document cursor moving between adjacent outputs
sway.1.scd         2019-01-27 11:27:48 -05:00  Remove unnecessary underscores in man pages
sway.5.scd         2019-02-22 13:32:34 +01:00  input/cursor: allow whole-window bindings on ws
swaynag.c          2019-01-21 12:59:42 +01:00  Replace wlr_log with sway_log
xdg_decoration.c   2019-02-23 03:03:03 -05:00  view: set xdg_decoration->view to NULL, check decoration destroy