[mutter] cally/stage: Don't add weak pointer to stage



commit 1ff1100d766ad49a34ac12603a416e62cdf462fc
Author: Jonas Ã…dahl <jadahl gmail com>
Date:   Fri Mar 12 15:36:08 2021 +0100

    cally/stage: Don't add weak pointer to stage
    
    The CallyStage object's lifetime is tied to the stage, so if we add a
    weak pointer to it, we won't be able to remove it, as we would try to do
    so not until the stage itself is being disposed, at which point removing
    it fails. However, not removing it will make the stage try to clean up
    the weak refs, and since it does this more or less directly after
    freeing the cally stage, it ends up writing NULL to freed memory,
    causing memory corruption.
    
    Fix this by avoiding adding the weak pointer when that pointer is to the
    stage.
    
    Part-of: <https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1775>

 clutter/clutter/cally/cally-stage.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
---
diff --git a/clutter/clutter/cally/cally-stage.c b/clutter/clutter/cally/cally-stage.c
index ae5aa48bcb..c00ada46ec 100644
--- a/clutter/clutter/cally/cally-stage.c
+++ b/clutter/clutter/cally/cally-stage.c
@@ -134,8 +134,11 @@ cally_stage_notify_key_focus_cb (ClutterStage *stage,
 
       if (self->priv->key_focus != NULL)
         {
-          g_object_remove_weak_pointer (G_OBJECT (self->priv->key_focus),
-                                        (gpointer *) &self->priv->key_focus);
+          if (self->priv->key_focus != CLUTTER_ACTOR (stage))
+            {
+              g_object_remove_weak_pointer (G_OBJECT (self->priv->key_focus),
+                                            (gpointer *) &self->priv->key_focus);
+            }
           old = clutter_actor_get_accessible (self->priv->key_focus);
         }
       else
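Review bot: The new `!= CLUTTER_ACTOR (stage)` guard around the removal carries no comment saying why the stage is special, so a later cleanup could drop it and bring back the write to freed memory described in the commit message. I would add something like `/* No weak pointer is registered when the focus is the stage itself; its lifetime bounds ours. */` above the inner `if`. The function starts and ends outside this hunk. Any other site that removes this weak pointer (for example a dispose or finalize path, not visible here) would presumably need the same guard to stay paired with the conditional add in the second hunk.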
@@ -160,8 +163,11 @@ cally_stage_notify_key_focus_cb (ClutterStage *stage,
        *
        * we remove the weak pointer above.
        */
-      g_object_add_weak_pointer (G_OBJECT (self->priv->key_focus),
-                                 (gpointer *) &self->priv->key_focus);
+      if (key_focus != CLUTTER_ACTOR (stage))
+        {
+          g_object_add_weak_pointer (G_OBJECT (self->priv->key_focus),
+                                     (gpointer *) &self->priv->key_focus);
+        }
 
       new = clutter_actor_get_accessible (key_focus);
     }
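Review bot: The condition here tests the local `key_focus`, while the call it guards and the removal guard in the first hunk both use `self->priv->key_focus`. Presumably the two are equal at this point (the assignment is outside the hunk), but a single expression, `if (self->priv->key_focus != CLUTTER_ACTOR (stage))`, would make the add/remove pairing obvious. The existing comment ending in "we remove the weak pointer above" also no longer tells the whole story: in the stage case the field is now a plain pointer that is never cleared automatically. A sentence there saying this is safe only because the CallyStage does not outlive the stage would help the next reader.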

