From e91b6e9c62847f4fa00be4f813da94ee050d0b94 Mon Sep 17 00:00:00 2001 From: Arnaud Vrac Date: Wed, 8 Jun 2016 17:55:08 +0200 Subject: [PATCH] fullscreen-shell: avoid access to freed data Remove the output transform from the view transform list when its surface is destroyed. The surface destruction also triggers the freeing of its views, so the next access to the output transform link could crash. Reviewed-by: Quentin Glidic --- fullscreen-shell/fullscreen-shell.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fullscreen-shell/fullscreen-shell.c b/fullscreen-shell/fullscreen-shell.c index b9c82a89..b3083d88 100644 --- a/fullscreen-shell/fullscreen-shell.c +++ b/fullscreen-shell/fullscreen-shell.c @@ -293,6 +293,8 @@ surface_destroyed(struct wl_listener *listener, void *data) surface_destroyed); fsout->surface = NULL; fsout->view = NULL; + wl_list_remove(&fsout->transform.link); + wl_list_init(&fsout->transform.link); } static void