| Summary: | integer passed to XChangeProperty() causes crash | ||
|---|---|---|---|
| Product: | SDL | Reporter: | Julian Coleman <jdc> |
| Component: | *don't know* | Assignee: | Ryan C. Gordon <icculus> |
| Status: | RESOLVED FIXED | QA Contact: | Sam Lantinga <slouken> |
| Severity: | major | ||
| Priority: | P2 | ||
| Version: | 1.2.15 | ||
| Hardware: | Other | ||
| OS: | NetBSD | ||
| Attachments: | Fix for XChangeProperty crash. | ||

Fixed, thanks!
http://hg.libsdl.org/SDL/rev/57a55e457ef6

Can you take a look at the SDL 2.0 code and see if a similar fix is necessary there?
http://www.libsdl.org/tmp/SDL-2.0.tar.gz

Hi,

Looking at src/video/x11/SDL_x11window.c in SDL 2.0.0, XChangeProperty() is passed &data->pid. data is a struct SDL_VideoData, and pid is a pid_t in the struct. So, this looks like it will have the same problem as 1.2.15. The same fix should apply, but inside the definition of struct SDL_VideoData.

Thanks,

J

Created attachment 825
Fix for XChangeProperty crash.

In src/video/x11/SDL_x11video.c, the result of getpid(), i.e., a pid_t, is passed to:

XChangeProperty(..., 32, ...)

However, using 32 here means that Xlib treats the value as a long, and pid_t is an int. So, we get a bus error inside Xlib. The fix is to make sure that anything passed to XChangeProperty() is aligned correctly. Note that the other calls to XChangeProperty() pass long values here.

The proposed patch makes a union of the pid_t return type from getpid() and a dummy long. This has been tested to fix the bus error crash on NetBSD/sparc64.
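
An added example, not part of the report or of SDL's patch: it checks three ways of handing a pid to a format-32 XChangeProperty() call for buffer size and alignment. format32_ok() is a hypothetical stand-in for Xlib's read of the buffer, and the widened-long variant is an assumption modelled on the report's remark that the other calls pass long values.

```c
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical stand-in for the reader side of XChangeProperty(..., 32, ...):
 * format-32 data is read as an array of long, i.e. nelements * sizeof(long)
 * bytes through a long pointer. Returns 1 if the caller's object is large
 * enough and aligned for that read, 0 otherwise. */
static int format32_ok(const void *data, size_t obj_size, size_t nelements)
{
    if (obj_size < nelements * sizeof(long))
        return 0;   /* read would run past the end of the object */
    if ((uintptr_t)data % alignof(long) != 0)
        return 0;   /* misaligned long load: bus error on strict-alignment CPUs */
    return 1;
}

/* Pattern from the report: the address of a bare pid_t is passed. */
int bare_pid_ok(void)
{
    pid_t pid = getpid();
    return format32_ok(&pid, sizeof pid, 1);
}

/* Pattern from the proposed patch: a union of pid_t and a dummy long. */
int union_pid_ok(void)
{
    union { pid_t pid; long dummy; } u;
    u.dummy = 0;
    u.pid = getpid();
    return format32_ok(&u, sizeof u, 1);
}

/* Alternative: widen the pid into a real long before taking its address. */
int widened_pid_ok(void)
{
    long pid = (long)getpid();
    return format32_ok(&pid, sizeof pid, 1);
}

int main(void)
{
    printf("sizeof(pid_t)=%zu sizeof(long)=%zu\n", sizeof(pid_t), sizeof(long));
    printf("bare=%d union=%d widened=%d\n",
           bare_pid_ok(), union_pid_ok(), widened_pid_ok());
    return 0;
}
```

On an LP64 platform such as NetBSD/sparc64 the bare pid_t case reports 0 because the object is smaller than a long; on ILP32 platforms all three report 1.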