[mutter] clutter/actor: Sanity check new allocations

From: Jonas Ådahl <jadahl src gnome org>
To: commits-list gnome org
Cc:
Subject: [mutter] clutter/actor: Sanity check new allocations
Date: Tue, 2 Jun 2020 21:10:11 +0000 (UTC)

commit dcb42d3b25602c682cac6561972e095f790b7d01
Author: Jonas Dreßler <verdre v0yd nl>
Date:   Sat May 30 13:57:50 2020 +0200

    clutter/actor: Sanity check new allocations
    
    Apparently some shell extensions are setting invalid NaN allocations,
    leading to weird crashes like
    https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/1849.
    
    Even though an implementation error like this probably deserves a crash,
    those can be hard to debug since the crash can happen anywhere the
    allocation is being used later. So let Clutter be the good guy and
    prevent implementations from setting invalid allocations by
    sanity-checking the ClutterActorBoxes using g_return_if_fail.
    
    Fixes https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/1849
    
    https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1280

 clutter/clutter/clutter-actor.c | 8 ++++++++
 1 file changed, 8 insertions(+)
---
diff --git a/clutter/clutter/clutter-actor.c b/clutter/clutter/clutter-actor.c
index f711038048..da0f68ba5c 100644
--- a/clutter/clutter/clutter-actor.c
+++ b/clutter/clutter/clutter-actor.c
@@ -2601,6 +2601,9 @@ clutter_actor_set_allocation_internal (ClutterActor           *self,
   gboolean x1_changed, y1_changed, x2_changed, y2_changed;
   ClutterActorBox old_alloc = { 0, };
 
+  g_return_if_fail (!isnan (box->x1) && !isnan (box->x2) &&
+                    !isnan (box->y1) && !isnan (box->y2));
+
   obj = G_OBJECT (self);
 
   g_object_freeze_notify (obj);
@@ -10149,6 +10152,11 @@ clutter_actor_allocate (ClutterActor          *self,
   old_allocation = priv->allocation;
   real_allocation = *box;
 
+  g_return_if_fail (!isnan (real_allocation.x1) &&
+                    !isnan (real_allocation.x2) &&
+                    !isnan (real_allocation.y1) &&
+                    !isnan (real_allocation.y2));
+
   /* constraints are allowed to modify the allocation only here; we do
    * this prior to all the other checks so that we can bail out if the
    * allocation did not change

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]