desktop-shell: Check for a valid desktop_surface

This patch fixes the following trace:

    #0 0x7f07d1bcecfa in weston_desktop_surface_get_surface ../libweston-desktop/surface.c:585
    #1 0x7f07d1bfc9b8 in move_grab_motion ../desktop-shell/shell.c:1499
    #2 0x7f07e539f841 in notify_motion ../libweston/input.c:1794
    #3 0x7f07e1e8ace4 in handle_pointer_motion ../libweston/libinput-device.c:132
    #4 0x7f07e1e8cad5 in evdev_device_process_event ../libweston/libinput-device.c:535
    #5 0x7f07e1e89311 in udev_input_process_event ../libweston/libinput-seat.c:208
    #6 0x7f07e1e8932f in process_event ../libweston/libinput-seat.c:218
    #7 0x7f07e1e8935f in process_events ../libweston/libinput-seat.c:228
    #8 0x7f07e1e8940a in udev_input_dispatch ../libweston/libinput-seat.c:239
    #9 0x7f07e1e89437 in libinput_source_dispatch ../libweston/libinput-seat.c:249
    #10 0x7f07e53122b1 in wl_event_loop_dispatch ../src/event-loop.c:1027
    #11 0x7f07e5310114 in wl_display_run ../src/wayland-server.c:1408
    #12 0x7f07e579c7ba in wet_main ../compositor/main.c:3589
    #13 0x555611d6b17d in main ../compositor/executable.c:33
    #14 0x7f07e55be7fc in __libc_start_main ../csu/libc-start.c:332
    #15 0x555611d6b099 in _start (/home/mvlad/install-amd64/bin/weston+0x1099)

A highly unlikely, but still valid operation, is to close/destroy the
window while still having it grabbed and moved around, basically having
an in-flight destruction of grabbed moving window. Another situation
would be that the client terminates abruptly (crashing for instance),
while being dragged which might take down the compositor.

This could happen for both touch/pointer grab operations and could cause
a NULL pointer access while accessing desktop_surface when being used
to retrieve the underlying weston_surface.

With this patch we check for a valid desktop_surface and return early
if that's not the case.

Signed-off-by: Marius Vlad <marius.vlad@collabora.com>
dev
Marius Vlad 3 years ago
parent c41cdcabb4
commit d03f01377a
  1. 4
      desktop-shell/shell.c

@ -1360,7 +1360,7 @@ touch_move_grab_motion(struct weston_touch_grab *grab,
int dx = wl_fixed_to_int(grab->touch->grab_x + move->dx); int dx = wl_fixed_to_int(grab->touch->grab_x + move->dx);
int dy = wl_fixed_to_int(grab->touch->grab_y + move->dy); int dy = wl_fixed_to_int(grab->touch->grab_y + move->dy);
if (!shsurf || !move->active) if (!shsurf || !shsurf->desktop_surface || !move->active)
return; return;
es = weston_desktop_surface_get_surface(shsurf->desktop_surface); es = weston_desktop_surface_get_surface(shsurf->desktop_surface);
@ -1492,7 +1492,7 @@ move_grab_motion(struct weston_pointer_grab *grab,
int cx, cy; int cx, cy;
weston_pointer_move(pointer, event); weston_pointer_move(pointer, event);
if (!shsurf) if (!shsurf || !shsurf->desktop_surface)
return; return;
surface = weston_desktop_surface_get_surface(shsurf->desktop_surface); surface = weston_desktop_surface_get_surface(shsurf->desktop_surface);

Loading…
Cancel
Save