[PATCH xserver] composite: Fix use-after-free in compReparentWindow
Peter Harris
pharris at opentext.com
Thu Feb 22 23:07:38 UTC 2018
If an implicitly redirected window is unredirected by the reparent
operation, cw will be a stale pointer.
Signed-off-by: Peter Harris <pharris at opentext.com>
---
composite/compwindow.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/composite/compwindow.c b/composite/compwindow.c
index e74ce661a..54b4e6ac4 100644
--- a/composite/compwindow.c
+++ b/composite/compwindow.c
@@ -432,7 +432,7 @@ compReparentWindow(WindowPtr pWin, WindowPtr pPriorParent)
{
ScreenPtr pScreen = pWin->drawable.pScreen;
CompScreenPtr cs = GetCompScreen(pScreen);
- CompWindowPtr cw = GetCompWindow(pWin);
+ CompWindowPtr cw;
pScreen->ReparentWindow = cs->ReparentWindow;
/*
@@ -471,6 +471,7 @@ compReparentWindow(WindowPtr pWin, WindowPtr pPriorParent)
cs->ReparentWindow = pScreen->ReparentWindow;
pScreen->ReparentWindow = compReparentWindow;
+ cw = GetCompWindow(pWin);
if (pWin->damagedDescendants || (cw && cw->damaged))
compMarkAncestors(pWin);
--
2.14.1
More information about the xorg-devel
mailing list