[LyX/master] Fix write to uninitialized bytes for XCB event

Scott Kostyshak skostysh at lyx.org
Wed Feb 19 14:31:51 UTC 2020


commit 19c41bd09572f15ac3546c8e6a6d4ec15306c93a
Author: Scott Kostyshak <skostysh at lyx.org>
Date:   Tue Feb 18 21:39:18 2020 -0500

    Fix write to uninitialized bytes for XCB event
    
    As the xcb_send_event man page [1] states,
    
      In order to properly initialize these bytes, we allocate 32 bytes
      even though we only need less for an xcb_configure_notify_event_t
    
    This commit fixes the following Valgrind error, which could be
    triggered by selecting a letter in LyX:
    
      ==12698== Syscall param writev(vector[...]) points to uninitialised byte(s)
      ==12698==    at 0x61F578D: __writev (writev.c:26)
      ==12698==    by 0x61F578D: writev (writev.c:24)
      ==12698==    by 0x4A83BFC: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
      ==12698==    by 0x4A83FD0: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
      ==12698==    by 0x4A84246: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
      ==12698==    by 0x4A84ACB: xcb_flush (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
      ==12698==    by 0x17C8F06: lyx::frontend::GuiApplication::nativeEventFilter(QByteArray const&, void*, long*) (GuiApplication.cpp:3366)
      ==12698==    by 0x5AA4EEE: QAbstractEventDispatcher::filterNativeEvent(QByteArray const&, void*, long*) (qabstracteventdispatcher.cpp:484)
    
    [1] https://www.x.org/releases/current/doc/man/man3/xcb_send_event.3.xhtml
---
 src/frontends/qt/GuiApplication.cpp |   24 ++++++++++++++++--------
 1 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/src/frontends/qt/GuiApplication.cpp b/src/frontends/qt/GuiApplication.cpp
index 8fdd9bf..2cdd5f6 100644
--- a/src/frontends/qt/GuiApplication.cpp
+++ b/src/frontends/qt/GuiApplication.cpp
@@ -3352,18 +3352,26 @@ bool GuiApplication::nativeEventFilter(const QByteArray & eventType,
 				// not doing that, maybe because of our
 				// "persistent selection" implementation
 				// (see comments in GuiSelection.cpp).
-				xcb_selection_notify_event_t nev;
-				nev.response_type = XCB_SELECTION_NOTIFY;
-				nev.requestor = srev->requestor;
-				nev.selection = srev->selection;
-				nev.target = srev->target;
-				nev.property = XCB_NONE;
-				nev.time = XCB_CURRENT_TIME;
+
+				// It is expected that every X11 event is 32 bytes long,
+				// even if not all 32 bytes are needed. See:
+				// https://www.x.org/releases/current/doc/man/man3/xcb_send_event.3.xhtml
+				// TODO switch to Q_DECLARE_XCB_EVENT(event, xcb_selection_notify_event_t)
+				//      once we require qt >= 5.6.3 or just copy the macro def.
+				xcb_selection_notify_event_t *nev = (xcb_selection_notify_event_t*) calloc(32, 1);
+
+				nev->response_type = XCB_SELECTION_NOTIFY;
+				nev->requestor = srev->requestor;
+				nev->selection = srev->selection;
+				nev->target = srev->target;
+				nev->property = XCB_NONE;
+				nev->time = XCB_CURRENT_TIME;
 				xcb_connection_t * con = QX11Info::connection();
 				xcb_send_event(con, 0, srev->requestor,
 					XCB_EVENT_MASK_NO_EVENT,
-					reinterpret_cast<char const *>(&nev));
+					reinterpret_cast<char const *>(nev));
 				xcb_flush(con);
+				free(nev);
 #endif
 				return true;
 			}
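
Review bot: the result of calloc(32, 1) is dereferenced on the very next statement (nev->response_type = ...) with no null check, so an allocation failure inside nativeEventFilter becomes a null-pointer write. Because the size is a fixed 32 bytes, a zero-initialized stack buffer would hand xcb_send_event the same fully initialized payload and remove the allocation, the failure path and the free(nev) call; for example a 32-byte char array, or a union of xcb_selection_notify_event_t with such an array. Two smaller points on the same line: the C-style cast is inconsistent with the reinterpret_cast used in the xcb_send_event call below, and the literal 32 would read better as a named constant next to the comment that explains it.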

