[PATCH] Do not abort() the compositor when dup fails during fd marshalling
Karsten Otto
karsten.otto at posteo.de
Sun Sep 14 06:53:00 PDT 2014
Treat dup failures as a marshalling error and return NULL.
The compositor will destroy the offending client but keep other clients intact.
A client entcountering dup failure will still abort(), as it does on other marshalling errors.
Signed-off-by: Karsten Otto <karsten.otto at posteo.de>
---
src/connection.c | 13 +++++++++----
tests/connection-test.c | 1 +
2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/connection.c b/src/connection.c
index f292853..f4913be 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -563,10 +563,8 @@ wl_closure_marshal(struct wl_object *sender, uint32_t opcode,
case 'h':
fd = args[i].h;
dup_fd = wl_os_dupfd_cloexec(fd, 0);
- if (dup_fd < 0) {
- wl_log("dup failed: %m");
- abort();
- }
+ if (dup_fd < 0)
+ goto err_fd;
closure->args[i].h = dup_fd;
break;
default:
@@ -584,6 +582,13 @@ wl_closure_marshal(struct wl_object *sender, uint32_t opcode,
return closure;
+err_fd:
+ wl_closure_destroy(closure);
+ wl_log("error marshalling arguments for %s (signature %s): "
+ "failed to prepare file descriptor for arg %i - %m\n",
+ message->name, message->signature, i);
+ return NULL;
+
err_null:
wl_closure_destroy(closure);
wl_log("error marshalling arguments for %s (signature %s): "
diff --git a/tests/connection-test.c b/tests/connection-test.c
index 659bf68..d2336c9 100644
--- a/tests/connection-test.c
+++ b/tests/connection-test.c
@@ -268,6 +268,7 @@ TEST(connection_marshal_nullables)
expected_fail_marshal(EINVAL, "o", NULL);
expected_fail_marshal(EINVAL, "s", NULL);
expected_fail_marshal(EINVAL, "a", NULL);
+ expected_fail_marshal(EBADF, "h", -1);
marshal(&data, "?o", 12, NULL);
assert(data.buffer[2] == 0);
--
1.9.1
More information about the wayland-devel
mailing list