aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorTom Englund <[email protected]>2024-10-25 12:26:48 +0200
committerGitHub <[email protected]>2024-10-25 11:26:48 +0100
commitf0e023bff2f2a25ffe5ed3166f55f7274d17c6bc (patch)
treed7dc8cf3985f155f06a3acfffbea591366b742dc
parent3cec45d82113051d35e846e5d80719d8ea0f7002 (diff)
downloadHyprland-f0e023bff2f2a25ffe5ed3166f55f7274d17c6bc.tar.gz
Hyprland-f0e023bff2f2a25ffe5ed3166f55f7274d17c6bc.zip
security-context: avoid UB in C macro (#8229)
to safely use wl_container_of with a class the class has to be no virtual functions, no inheritance, and uniform access control (e.g all public) work around this by putting this into a destroywrapper struct.
-rw-r--r--src/protocols/SecurityContext.cpp12
-rw-r--r--src/protocols/SecurityContext.hpp12
2 files changed, 17 insertions, 7 deletions
diff --git a/src/protocols/SecurityContext.cpp b/src/protocols/SecurityContext.cpp
index b42c3a97..13428b91 100644
--- a/src/protocols/SecurityContext.cpp
+++ b/src/protocols/SecurityContext.cpp
@@ -22,7 +22,8 @@ SP<CSecurityContextSandboxedClient> CSecurityContextSandboxedClient::create(int
}
static void onSecurityContextClientDestroy(wl_listener* l, void* d) {
- CSecurityContextSandboxedClient* client = wl_container_of(l, client, destroyListener);
+ CSecurityContextSandboxedClientDestroyWrapper* wrap = wl_container_of(l, wrap, listener);
+ CSecurityContextSandboxedClient* client = wrap->parent;
client->onDestroy();
}
@@ -31,12 +32,15 @@ CSecurityContextSandboxedClient::CSecurityContextSandboxedClient(int clientFD_)
if (!client)
return;
- destroyListener.notify = ::onSecurityContextClientDestroy;
- wl_client_add_destroy_late_listener(client, &destroyListener);
+ wl_list_init(&destroyListener.listener.link);
+ destroyListener.listener.notify = ::onSecurityContextClientDestroy;
+ destroyListener.parent = this;
+ wl_client_add_destroy_late_listener(client, &destroyListener.listener);
}
CSecurityContextSandboxedClient::~CSecurityContextSandboxedClient() {
- wl_list_remove(&destroyListener.link);
+ wl_list_remove(&destroyListener.listener.link);
+ wl_list_init(&destroyListener.listener.link);
close(clientFD);
}
diff --git a/src/protocols/SecurityContext.hpp b/src/protocols/SecurityContext.hpp
index 76313bcf..63f58bde 100644
--- a/src/protocols/SecurityContext.hpp
+++ b/src/protocols/SecurityContext.hpp
@@ -37,14 +37,20 @@ class CSecurityContextManagerResource {
SP<CWpSecurityContextManagerV1> resource;
};
+class CSecurityContextSandboxedClient;
+struct CSecurityContextSandboxedClientDestroyWrapper {
+ wl_listener listener;
+ CSecurityContextSandboxedClient* parent = nullptr;
+};
+
class CSecurityContextSandboxedClient {
public:
static SP<CSecurityContextSandboxedClient> create(int clientFD);
~CSecurityContextSandboxedClient();
- void onDestroy();
+ void onDestroy();
- wl_listener destroyListener;
+ CSecurityContextSandboxedClientDestroyWrapper destroyListener;
private:
CSecurityContextSandboxedClient(int clientFD_);
@@ -81,4 +87,4 @@ class CSecurityContextProtocol : public IWaylandProtocol {
namespace PROTO {
inline UP<CSecurityContextProtocol> securityContext;
-}; \ No newline at end of file
+};