diff options
| author | Jason Crain <jason@inspiresomeone.us> | 2017-07-24 22:32:01 -0500 |
|---|---|---|
| committer | Rui Matos <tiagomatos@gmail.com> | 2017-07-25 16:01:22 +0200 |
| commit | dda675941777a876c1e9b08f922de72d32e73273 (patch) | |
| tree | 7ea9ebb20113435db0b063ea74ffedc61e6721ea | |
| parent | a3c7ec852fe63b61fe0d90b60eea9587935815f8 (diff) | |
| download | gnome-desktop-dda675941777a876c1e9b08f922de72d32e73273.tar.gz | |
Fix heap-use-after-free with duplicate xkb layouts
Debian's gnome-control-center can crash when show-all-sources is
enabled. When parse_end_element in gnome-xkb-info.c encounters
duplicate layouts, it will free the memory for the first layout while it
is still in a hash table.
https://bugzilla.gnome.org/show_bug.cgi?id=785320
| -rw-r--r-- | libgnome-desktop/gnome-xkb-info.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libgnome-desktop/gnome-xkb-info.c b/libgnome-desktop/gnome-xkb-info.c index 0e6c69e7..d6dfaff8 100644 --- a/libgnome-desktop/gnome-xkb-info.c +++ b/libgnome-desktop/gnome-xkb-info.c @@ -405,6 +405,12 @@ parse_end_element (GMarkupParseContext *context, priv->current_parser_variant->xkb_name, NULL); + if (g_hash_table_contains (priv->layouts_table, priv->current_parser_variant->id)) + { + g_clear_pointer (&priv->current_parser_variant, free_layout); + return; + } + g_hash_table_replace (priv->layouts_table, priv->current_parser_variant->id, priv->current_parser_variant); |