[PATCH weston] fullscreen-shell: avoid access to freed data

Wed Jun 8 15:55:17 UTC 2016

Remove the output transform from the view transform list when its
surface is destroyed. The surface destruction also triggers the
freeing of its views, so the next access to the output transform link
could crash.
---
 fullscreen-shell/fullscreen-shell.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fullscreen-shell/fullscreen-shell.c b/fullscreen-shell/fullscreen-shell.c
index a32e46a..035996e 100644
--- a/fullscreen-shell/fullscreen-shell.c
+++ b/fullscreen-shell/fullscreen-shell.c
@@ -234,6 +234,8 @@ surface_destroyed(struct wl_listener *listener, void *data)
 					       surface_destroyed);
 	fsout->surface = NULL;
 	fsout->view = NULL;
+	wl_list_remove(&fsout->transform.link);
+	wl_list_init(&fsout->transform.link);
 }
 
 static void
-- 
2.7.4

