D7870: Don't crash if a client (legally) uses a deleted global
Anthony Fieroni
noreply at phabricator.kde.org
Mon Sep 18 18:33:38 UTC 2017
anthonyfieroni added inline comments.
INLINE COMMENTS
> blur_interface.cpp:49
> static Private *cast(wl_resource *r) {
> - return reinterpret_cast<Private*>(wl_resource_get_user_data(r));
> + auto blurManager = reinterpret_cast<QPointer<BlurManagerInterface>*>(wl_resource_get_user_data(r))->data();
> + if (blurManager) {
QPointer itself can determine that resource is deleted but QPointer* acts like every normal pointer e.g. it can be dangling. So if unbind is called before cast this line will crash.
> blur_interface.cpp:89
> {
> - Q_UNUSED(resource)
> - // TODO: implement?
> + delete reinterpret_cast<QPointer<BlurManagerInterface>*>(wl_resource_get_user_data(r));
> }
To work your idea this line should be
delete reinterpret_cast<QPointer<BlurManagerInterface>*>(wl_resource_get_user_data(r))->data()
QPointer *should* live to not be dangling in cast, so you can have a static map resource to QPointer* then you can update and delete them at server die.
REPOSITORY
R127 KWayland
REVISION DETAIL
https://phabricator.kde.org/D7870
To: davidedmundson, #plasma
Cc: anthonyfieroni, plasma-devel, #frameworks, ZrenBot, progwolff, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas, apol, mart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20170918/8364aea9/attachment.html>
More information about the Kde-frameworks-devel
mailing list