From 1ff1100d766ad49a34ac12603a416e62cdf462fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20=C3=85dahl?=
Date: Fri, 12 Mar 2021 15:36:08 +0100
Subject: cally/stage: Don't add weak pointer to stage

The CallyStage objects lifetime is tied to the stage, so if we add a weak pointer to it, we won't be able to remove it, as we would try to do so not until the stage itself is being disposed, at which point removing it fails. However, not removing it will make the stage try to clean up the weak refs, and since it does this more or less directly after freeing the cally stage, it ends up writing NULL to freed memory, causing memory corruption. Fix this by avoiding adding the weak pointer when that pointer is to the stage.

Part-of:
---
 clutter/clutter/cally/cally-stage.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/clutter/clutter/cally/cally-stage.c b/clutter/clutter/cally/cally-stage.c
index ae5aa48bc..c00ada46e 100644
--- a/clutter/clutter/cally/cally-stage.c
+++ b/clutter/clutter/cally/cally-stage.c
@@ -134,8 +134,11 @@ cally_stage_notify_key_focus_cb (ClutterStage *stage,
   if (self->priv->key_focus != NULL)
     {
-      g_object_remove_weak_pointer (G_OBJECT (self->priv->key_focus),
-                                    (gpointer *) &self->priv->key_focus);
+      if (self->priv->key_focus != CLUTTER_ACTOR (stage))
+        {
+          g_object_remove_weak_pointer (G_OBJECT (self->priv->key_focus),
+                                        (gpointer *) &self->priv->key_focus);
+        }
       old = clutter_actor_get_accessible (self->priv->key_focus);
     }
   else
@@ -160,8 +163,11 @@ cally_stage_notify_key_focus_cb (ClutterStage *stage,
    *
    * we remove the weak pointer above. */
-      g_object_add_weak_pointer (G_OBJECT (self->priv->key_focus),
-                                 (gpointer *) &self->priv->key_focus);
+      if (key_focus != CLUTTER_ACTOR (stage))
+        {
+          g_object_add_weak_pointer (G_OBJECT (self->priv->key_focus),
+                                     (gpointer *) &self->priv->key_focus);
+        }
       new = clutter_actor_get_accessible (key_focus);
     }
-- 
cgit v1.2.1
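Review bot: The comment block ending in `* we remove the weak pointer above. */` in the second hunk still describes the weak pointer as unconditional, so the reason the stage itself is exempted lives only in the commit message; add a short comment before the new `if (key_focus != CLUTTER_ACTOR (stage))`, e.g. `/* Never weak-track the stage: this CallyStage dies with it, the late removal fails, and the stage's own weak-ref cleanup would then write NULL into freed memory. */`. The two guards also spell the same test differently, `self->priv->key_focus != CLUTTER_ACTOR (stage)` in the first hunk and `key_focus != CLUTTER_ACTOR (stage)` in the second, which is presumably equivalent only because `self->priv->key_focus` is assigned from `key_focus` between the hunks (outside the shown lines); using one form in both places makes the add/remove pairing easier to audit. Both hunks sit inside `cally_stage_notify_key_focus_cb`, whose start and end are outside the hunks.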