[Xcb] Problem with dock windows and libxcb-icccm
Jamey Sharp
jamey at minilop.net
Wed Mar 10 03:33:19 PST 2010
On Wed, Mar 10, 2010 at 2:55 AM, David Coppa <dcoppa at gmail.com> wrote:
> These type of windows have xcb_get_property_value_length(reply) = 0,
> while all other windows have 72.
Presumably, because the property isn't present on those windows, which
would mean the type is None and the format, bytes-after, and length
are all zero.
> This causes a floating-point exception in the
> xcb_get_wm_size_hints_from_reply function, making i3 crash.
>
> #0 0x0f5635a4 in xcb_get_wm_size_hints_from_reply (hints=0xcfbc8070,
> reply=0x8593fc20) at /usr/xenocara/dist/xcb-util/icccm/icccm.c:442
> 442 length = xcb_get_property_value_length(reply) / (reply->format / 8);
Surely it isn't the length being 0, but rather the format, that causes
this error.
Since the immediately following if-condition tests that the type and
format are sane, I'd suggest splitting off the length >= 15 portion of
the test into its own if-statement and moving the length computation
in between the two tests.
Michael's right that there's been a similar fix before, but I think
Debian bug 531310 is unrelated. Commit
d5b5d682465bd3196105df86d6df9fcde9518e6c looks like it addressed a
similar issue though, in a different function. This code apparently
needs an audit for more bugs like these.
Jamey
More information about the Xcb
mailing list