[PATCH] wayland-server: fix resource destroy
Tiago Vignatti
tiago.vignatti at linux.intel.com
Sun Oct 9 11:32:46 PDT 2011
On 10/07/2011 10:49 AM, Fiedler, Mathias wrote:
>
> object id was read from freed memory.
> In rare cases i got errors where compositor was complaining about wrong or still used object ids.
>
> diff --git a/wayland/src/wayland-server.c b/wayland/src/wayland-server.c
> index a6cd88d..5eb7906 100644
> --- a/wayland/src/wayland-server.c
> +++ b/wayland/src/wayland-server.c
> @@ -313,9 +313,9 @@ WL_EXPORT void
> wl_resource_destroy(struct wl_resource *resource, uint32_t time)
> {
> struct wl_client *client = resource->client;
> -
> + uint32_t id = resource->object.id;
> destroy_resource(resource,&time);
> - wl_map_insert_at(&client->objects, resource->object.id, NULL);
> + wl_map_insert_at(&client->objects, id, NULL);
> }
object id has to be removed from the structure, using wl_map_remove.
Also, the way you cooked the patch is not that legible (one could easily
go and revert the changes for cleaning up) and I guess we can make
better a bit
Tiago
More information about the wayland-devel
mailing list