rpms/ibus
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: #2195895 ibus_input_context_set_cursor_location(): ibus-x11 SIGSEGV

Browse Source
This commit is contained in:
Takao Fujiwara 2023-05-26 06:57:47 +09:00
parent 4a492105b6
commit cc96b97435
2 changed files with 150 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

153
ibus-1385349-segv-bus-proxy.patch
View File

@ -1,6 +1,6 @@
From 5749b4861ffcaf8083d97c6bf9858257373596ce Mon Sep 17 00:00:00 2001
From ffe82832ac5bc6aaa3d5a93004aae97a8b44a60c Mon Sep 17 00:00:00 2001
From: fujiwarat <takao.fujiwara1@gmail.com>
Date: Wed, 25 Jan 2023 17:26:47 +0900
Date: Fri, 26 May 2023 06:35:13 +0900
Subject: [PATCH] Fix SEGV in bus_panel_proxy_focus_in()
rhbz#1350291 SEGV in BUS_IS_CONNECTION(skip_connection) in
@ -21,6 +21,9 @@ If the mutex is not unlocked, g_mutex_clear() causes assert.
rhbz#1767691 SEGV in client/x11/main.c:_sighandler().
Do not call atexit functions in _sighandler().
rhbz#2195895 SEGV in client/x11/main.c:_xim_set_cursor_location()
check if IBusInputContext was disconnected.
rhbz#1795499 rhbz#1936777 SEGV in ibus_bus_get_bus_address() because of
no _bus->priv.
_changed_cb() should not be called after ibus_bus_destroy() is called.
@ -44,15 +47,16 @@ BUG=rhbz#1771238
BUG=rhbz#1767976
BUG=rhbz#1797120
BUG=rhbz#2151344
BUG=rhbz#2195895
---
bus/dbusimpl.c | 47 ++++++++++++++++++++++++---
bus/engineproxy.c | 44 +++++++++++++++++++------
client/x11/main.c | 8 ++++-
client/x11/main.c | 56 ++++++++++++++++++++++++++++----
portal/portal.c | 11 +++++++
src/ibusbus.c | 6 ++++
ui/gtk3/extension.vala | 4 +++
ui/gtk3/switcher.vala | 73 +++++++++++++++++++++++++-----------------
7 files changed, 148 insertions(+), 45 deletions(-)
7 files changed, 191 insertions(+), 50 deletions(-)
diff --git a/bus/dbusimpl.c b/bus/dbusimpl.c
index 59787a80..af2fbde2 100644
@ -243,7 +247,7 @@ index b3e16066..ba479b59 100644
/* FIXME: set destroy callback ? */
g_task_return_pointer (data->task, engine, NULL);
diff --git a/client/x11/main.c b/client/x11/main.c
index 905fd251..1abea0af 100644
index 83d95cb7..804e40ed 100644
--- a/client/x11/main.c
+++ b/client/x11/main.c
@@ -45,6 +45,7 @@
@ -254,7 +258,142 @@ index 905fd251..1abea0af 100644
#include <getopt.h>
@@ -1269,7 +1270,12 @@ _atexit_cb ()
@@ -69,6 +70,7 @@ typedef struct _X11ICONN X11ICONN;
typedef struct _X11IC X11IC;
struct _X11IC {
IBusInputContext *context;
+ gboolean ibus_connected;
Window client_window;
Window focus_window;
gint32 input_style;
@@ -327,6 +329,18 @@ _xim_store_ic_values (X11IC *x11ic, IMChangeICStruct *call_data)
return 1;
}
+static void
+ibus_ic_connection_closed_cb (GDBusConnection *connection,
+ gboolean remote_peer_vanished,
+ GError *error,
+ X11IC *x11ic)
+{
+ /* rhbz#2195895 The moment of the IBusBus disconnection would be
+ * different from the moment of XIM_DISCONNECT.
+ */
+ x11ic->ibus_connected = FALSE;
+}
+
static int
xim_create_ic (XIMS xims, IMChangeICStruct *call_data)
@@ -334,6 +348,7 @@ xim_create_ic (XIMS xims, IMChangeICStruct *call_data)
static int base_icid = 1;
X11IC *x11ic;
guint32 capabilities = IBUS_CAP_FOCUS;
+ GDBusConnection *connection;
call_data->icid = base_icid ++;
@@ -345,8 +360,9 @@ xim_create_ic (XIMS xims, IMChangeICStruct *call_data)
x11ic->icid = call_data->icid;
x11ic->connect_id = call_data->connect_id;
- x11ic->conn = (X11ICONN *)g_hash_table_lookup (_connections,
- GINT_TO_POINTER ((gint) call_data->connect_id));
+ x11ic->conn = (X11ICONN *)g_hash_table_lookup (
+ _connections,
+ GINT_TO_POINTER ((gint) call_data->connect_id));
if (x11ic->conn == NULL) {
g_slice_free (X11IC, x11ic);
g_return_val_if_reached (0);
@@ -376,6 +392,10 @@ xim_create_ic (XIMS xims, IMChangeICStruct *call_data)
G_CALLBACK (_context_enabled_cb), x11ic);
g_signal_connect (x11ic->context, "disabled",
G_CALLBACK (_context_disabled_cb), x11ic);
+ connection = g_dbus_proxy_get_connection (G_DBUS_PROXY (x11ic->context));
+ x11ic->ibus_connected = !g_dbus_connection_is_closed (connection);
+ g_signal_connect (connection, "closed",
+ G_CALLBACK (ibus_ic_connection_closed_cb), x11ic);
if (x11ic->input_style & XIMPreeditCallbacks)
@@ -400,11 +420,19 @@ xim_destroy_ic (XIMS xims, IMChangeICStruct *call_data)
LOG (1, "XIM_DESTROY_IC ic=%d connect_id=%d",
call_data->icid, call_data->connect_id);
- x11ic = (X11IC *)g_hash_table_lookup (_x11_ic_table,
- GINT_TO_POINTER ((gint) call_data->icid));
+ x11ic = (X11IC *)g_hash_table_lookup (
+ _x11_ic_table,
+ GINT_TO_POINTER ((gint) call_data->icid));
g_return_val_if_fail (x11ic != NULL, 0);
if (x11ic->context) {
+ GDBusConnection *connection =
+ g_dbus_proxy_get_connection (G_DBUS_PROXY (x11ic->context));
+ x11ic->ibus_connected = FALSE;
+ g_signal_handlers_disconnect_by_func (
+ connection,
+ (GCallback)ibus_ic_connection_closed_cb,
+ x11ic);
ibus_proxy_destroy ((IBusProxy *)x11ic->context);
g_object_unref (x11ic->context);
x11ic->context = NULL;
@@ -412,7 +440,8 @@ xim_destroy_ic (XIMS xims, IMChangeICStruct *call_data)
g_hash_table_remove (_x11_ic_table,
GINT_TO_POINTER ((gint) call_data->icid));
- x11ic->conn->clients = g_list_remove (x11ic->conn->clients, (gconstpointer)x11ic);
+ x11ic->conn->clients = g_list_remove (x11ic->conn->clients,
+ (gconstpointer)x11ic);
g_free (x11ic->preedit_string);
x11ic->preedit_string = NULL;
@@ -438,6 +467,8 @@ xim_set_ic_focus (XIMS xims, IMChangeFocusStruct *call_data)
x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table,
GINT_TO_POINTER ((gint) call_data->icid));
g_return_val_if_fail (x11ic != NULL, 0);
+ if (!x11ic->ibus_connected)
+ return 1;
ibus_input_context_focus_in (x11ic->context);
_xim_set_cursor_location (x11ic);
@@ -456,6 +487,8 @@ xim_unset_ic_focus (XIMS xims, IMChangeFocusStruct *call_data)
x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table,
GINT_TO_POINTER ((gint) call_data->icid));
g_return_val_if_fail (x11ic != NULL, 0);
+ if (!x11ic->ibus_connected)
+ return 1;
ibus_input_context_focus_out (x11ic->context);
@@ -594,6 +627,8 @@ xim_forward_event (XIMS xims, IMForwardEventStruct *call_data)
x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table,
GINT_TO_POINTER ((gint) call_data->icid));
g_return_val_if_fail (x11ic != NULL, 0);
+ if (!x11ic->ibus_connected)
+ return 0;
xevent = (XKeyEvent*) &(call_data->event);
@@ -836,6 +871,8 @@ _xim_set_cursor_location (X11IC *x11ic)
}
}
+ if (!x11ic->ibus_connected)
+ return;
ibus_input_context_set_cursor_location (x11ic->context,
preedit_area.x,
preedit_area.y,
@@ -916,6 +953,8 @@ xim_reset_ic (XIMS xims, IMResetICStruct *call_data)
x11ic = (X11IC *) g_hash_table_lookup (_x11_ic_table,
GINT_TO_POINTER ((gint) call_data->icid));
g_return_val_if_fail (x11ic != NULL, 0);
+ if (!x11ic->ibus_connected)
+ return 1;
ibus_input_context_reset (x11ic->context);
@@ -1275,7 +1314,12 @@ _atexit_cb ()
static void
_sighandler (int sig)
{
@ -434,5 +573,5 @@ index 9400e9ba..2ecbdac1 100644
#if VALA_0_34
seat.ungrab();
--
2.38.1
2.40.0

5
ibus.spec
View File

@ -50,7 +50,7 @@
Name: ibus
Version: 1.5.28
Release: 5%{?dist}
Release: 6%{?dist}
Summary: Intelligent Input Bus for Linux OS
License: LGPL-2.0-or-later
URL: https://github.com/ibus/%name/wiki
@ -559,6 +559,9 @@ dconf update || :
%{_datadir}/installed-tests/ibus
%changelog
* Fri May 26 2023 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.28-6
- Resolves: #2195895 ibus_input_context_set_cursor_location(): ibus-x11 SIGSEGV
* Fri May 12 2023 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.28-5
- Fix cross compiling with gen-internal-compose-table