[Wayland-bugs] [Bug 53018] New: Unguarded derefs in wayland-client.c can cause segfaults

Tue Jul 31 10:53:24 PDT 2012

https://bugs.freedesktop.org/show_bug.cgi?id=53018

             Bug #: 53018
           Summary: Unguarded derefs in wayland-client.c can cause
                    segfaults
    Classification: Unclassified
           Product: Wayland
           Version: unspecified
          Platform: x86-64 (AMD64)
        OS/Version: Linux (All)
            Status: NEW
          Severity: major
          Priority: medium
         Component: wayland
        AssignedTo: wayland-bugs at lists.freedesktop.org
        ReportedBy: joe.konno at linux.intel.com

If wayland/src/wayland-client.c:wl_proxy_get_user_data(), or a like function,
is called with a NULL actual param, Wayland will segfault and kill the
compositor and any running programs.

The segfaults were originally seen with an EFL test application that,
programatically, opened/closed windows and switched back and forth between the
shared memory and EGL backends. This test application reproduced the issue in 1
of 6 executions.

This behavior is most easily reproduced with the aid of well-placed gdb
breakpoints and overwriting the value (0x0) of the actual param.

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.