From 36c97b260bdcbd789d1fef5241de791a243ca2ae Mon Sep 17 00:00:00 2001
From: DistroBaker <osci-list@redhat.com>
Date: Wed, 6 Jan 2021 09:27:35 +0000
Subject: [PATCH] Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/qt5-qtwayland.git#3adab959bb22fed0540dd43306cb2cf11f3db3fc
---
 qt5-qtwayland.spec                            |  7 +++-
 ...ng-dangling-pointers-in-destroy-func.patch | 32 +++++++++++++++++++
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 qtwayland-scanner-avoid-accessing-dangling-pointers-in-destroy-func.patch

diff --git a/qt5-qtwayland.spec b/qt5-qtwayland.spec
index 3b44b3f..99d27ad 100644
--- a/qt5-qtwayland.spec
+++ b/qt5-qtwayland.spec
@@ -3,13 +3,15 @@
 Summary: Qt5 - Wayland platform support and QtCompositor module
 Name:    qt5-%{qt_module}
 Version: 5.15.2
-Release: 2%{?dist}
+Release: 3%{?dist}
 
 License: LGPLv3
 Url:     http://www.qt.io
 %global majmin %(echo %{version} | cut -d. -f1-2)
 Source0: https://download.qt.io/official_releases/qt/%{majmin}/%{version}/submodules/%{qt_module}-everywhere-src-%{version}.tar.xz
 
+# Upstream patches
+Patch0:  qtwayland-scanner-avoid-accessing-dangling-pointers-in-destroy-func.patch
 
 # Upstreamable patches
 
@@ -119,6 +121,9 @@ popd
 
 
 %changelog
+* Wed Jan  6 09:32:16 CET 2021 Jan Grulich <jgrulich@redhat.com> - 5.15.2-3
+- Scanner: Avoid accessing dangling pointers in destroy_func()
+
 * Tue Nov 24 07:54:16 CET 2020 Jan Grulich <jgrulich@redhat.com> - 5.15.2-2
 - Rebuild for qtbase with -no-reduce-relocations option
 
diff --git a/qtwayland-scanner-avoid-accessing-dangling-pointers-in-destroy-func.patch b/qtwayland-scanner-avoid-accessing-dangling-pointers-in-destroy-func.patch
new file mode 100644
index 0000000..823f648
--- /dev/null
+++ b/qtwayland-scanner-avoid-accessing-dangling-pointers-in-destroy-func.patch
@@ -0,0 +1,32 @@
+From e5c272423d1bba2825086b82fd97499237a6fa4b Mon Sep 17 00:00:00 2001
+From: Vlad Zahorodnii <vlad.zahorodnii@kde.org>
+Date: Fri, 30 Oct 2020 16:55:30 +0200
+Subject: [PATCH] Scanner: Avoid accessing dangling pointers in destroy_func()
+
+Usually, the object associated with the resource gets destroyed in the
+destroy_resource() function.
+
+Therefore, we need to double-check that the object is still alive before
+trying to reset its m_resource.
+
+Change-Id: I26408228f58919db17eb29584a1cbd4a9427d25c
+Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
+(cherry picked from commit 735164b5c2a2637a8d53a8803a2401e4ef477ff0)
+Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
+---
+
+diff --git a/src/qtwaylandscanner/qtwaylandscanner.cpp b/src/qtwaylandscanner/qtwaylandscanner.cpp
+index 1d635f0..e2f87bb 100644
+--- a/src/qtwaylandscanner/qtwaylandscanner.cpp
++++ b/src/qtwaylandscanner/qtwaylandscanner.cpp
+@@ -814,7 +814,9 @@
+             printf("        if (Q_LIKELY(that)) {\n");
+             printf("            that->m_resource_map.remove(resource->client(), resource);\n");
+             printf("            that->%s_destroy_resource(resource);\n", interfaceNameStripped);
+-            printf("            if (that->m_resource == resource)\n");
++            printf("\n");
++            printf("            that = resource->%s_object;\n", interfaceNameStripped);
++            printf("            if (that && that->m_resource == resource)\n");
+             printf("                that->m_resource = nullptr;\n");
+             printf("        }\n");
+             printf("        delete resource;\n");