diff options
| author | Florian Müllner <fmuellner@gnome.org> | 2018-02-20 17:23:16 +0100 |
|---|---|---|
| committer | Florian Müllner <fmuellner@gnome.org> | 2018-02-20 17:40:40 +0100 |
| commit | 9d133d8ebbf9d99db0a02eaa6843c7e43cdec480 (patch) | |
| tree | fbc85840d6d56de222ee5d0f632df31fadcba9b6 | |
| parent | a347ed99121ae397a96d6a754de0b6fa970c2b8f (diff) | |
| download | gnome-shell-wip/fmuellner/guard-shadow-pipeline-from-actor-call.tar.gz | |
st: Guard against spec being invalided during shadow creationwip/fmuellner/guard-shadow-pipeline-from-actor-call
If an actor is pending a relaying when get_allocation_box() is called,
the method forces an allocation update. In case of StWidget, this might
then result in a style update and a consecutive invalidation of the
shadow spec - we will then try to create a shadow specified by random
memory, with undefined (though likely fatal) consequences.
Guard against this by taking a temporary reference during the function
call.
https://bugzilla.gnome.org/show_bug.cgi?id=788908
| -rw-r--r-- | src/st/st-private.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/src/st/st-private.c b/src/st/st-private.c index be78833e7..df94751bf 100644 --- a/src/st/st-private.c +++ b/src/st/st-private.c @@ -417,11 +417,17 @@ _st_create_shadow_pipeline_from_actor (StShadow *shadow_spec, ClutterActorBox box; float width, height; + /* Querying the actor's allocation may force an allocation update, which + * may cause a style update, which then may invalidate shadow_spec; make + * sure the spec is kept alive by taking a temporary reference + */ + st_shadow_spec_ref (shadow_spec); + clutter_actor_get_allocation_box (actor, &box); clutter_actor_box_get_size (&box, &width, &height); if (width == 0 || height == 0) - return NULL; + goto out; if (CLUTTER_IS_TEXTURE (actor)) { @@ -448,7 +454,7 @@ _st_create_shadow_pipeline_from_actor (StShadow *shadow_spec, COGL_PIXEL_FORMAT_ANY); if (buffer == NULL) - return NULL; + goto out; offscreen = cogl_offscreen_new_with_texture (buffer); fb = COGL_FRAMEBUFFER (offscreen); @@ -458,7 +464,7 @@ _st_create_shadow_pipeline_from_actor (StShadow *shadow_spec, cogl_error_free (catch_error); cogl_object_unref (offscreen); cogl_object_unref (buffer); - return NULL; + goto out; } cogl_color_init_from_4ub (&clear_color, 0, 0, 0, 0); @@ -488,6 +494,8 @@ _st_create_shadow_pipeline_from_actor (StShadow *shadow_spec, cogl_object_unref (buffer); } + st_shadow_spec_unref (shadow_spec); + return shadow_pipeline; } |