862a3dab28
In Xwayland's xwl_unrealize_cursor(), the x_cursor is cleared up only when a device value is provided to the UnrealizeCursor() routine, but if the device is NULL as called from FreeCursor(), the corresponding x_cursor for the xwl_seat is left untouched. This might cause a segfault when trying to access the unrealized cursor's devPrivates in xwl_seat_set_cursor(). A possible occurrence of this is the client changing the cursor, the Xserver calling FreeCursor() which does UnrealizeCursor() and then the Wayland server sending a pointer enter event, which invokes xwl_seat_set_cursor() while the seat's x_cursor has just been unrealized. To avoid this, walk through all the xwl_seats and clear up all x_cursor matching the cursor being unrealized. Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> Reviewed-by: Jonas Ã…dahl <jadahl@gmail.com> Reviewed-by: Hans de Goede <hdegoede@redhat.com> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| drm.xml | ||
| Makefile.am | ||
| xwayland-cursor.c | ||
| xwayland-cvt.c | ||
| xwayland-glamor-xv.c | ||
| xwayland-glamor.c | ||
| xwayland-input.c | ||
| xwayland-output.c | ||
| xwayland-shm.c | ||
| xwayland-vidmode.c | ||
| xwayland.c | ||
| xwayland.h | ||