b***@freedesktop.org
2017-02-24 17:42:22 UTC
https://bugs.freedesktop.org/show_bug.cgi?id=99946
Bug ID: 99946
Summary: xcb_send_event() reads beyond end of argument / is
hard to use correctly
Product: XCB
Version: unspecified
Hardware: Other
OS: All
Status: NEW
Severity: normal
Priority: medium
Component: Library
Assignee: ***@lists.freedesktop.org
Reporter: ***@znc.in
QA Contact: ***@lists.freedesktop.org
https://bugreports.qt.io/browse/QTBUG-56518 is about valgrind warnings that
occur in Qt. The code in question does basically:
    xcb_unmap_notify_event_t event;
    /* set all fields of event */
    xcb_send_event(c, false, root, mask, &event);
The problem here is that sizeof(event) is 16 while xcb_send_event() expects 32
bytes of event data. So the argument needs to be "something bigger". This is
quite unintuitive and it seems like everyone using xcb_send_event() is getting
this wrong. (I would claim that I know my way around XCB and I did not know
this!)
Can there be a version of xcb_send_event() which gets a length argument? Are
there any other ideas on how this could be made safer or more obvious?
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
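Added example (not part of the original report, and not XCB or Qt code): one way a caller can avoid the over-read described in the report is to copy the 16-byte event into a zeroed 32-byte buffer and pass that buffer to xcb_send_event(). The struct below is a constructed stand-in for xcb_unmap_notify_event_t so the block builds without libxcb; pad_event() and X11_EVENT_WIRE_SIZE are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define X11_EVENT_WIRE_SIZE 32  /* xcb_send_event() reads 32 bytes of event data */

/* Constructed stand-in with the 16-byte layout the report describes for
 * xcb_unmap_notify_event_t; real code takes the type from <xcb/xproto.h>. */
typedef struct {
    uint8_t  response_type;
    uint8_t  pad0;
    uint16_t sequence;
    uint32_t event;
    uint32_t window;
    uint8_t  from_configure;
    uint8_t  pad1[3];
} unmap_notify_event_t;

/* Hypothetical helper: copy an event of len bytes into a zeroed 32-byte
 * buffer. Returns 0 on success, -1 if the arguments cannot be a valid event. */
int pad_event(char out[X11_EVENT_WIRE_SIZE], const void *ev, size_t len)
{
    if (out == NULL || ev == NULL || len == 0 || len > X11_EVENT_WIRE_SIZE)
        return -1;
    memset(out, 0, X11_EVENT_WIRE_SIZE);  /* no stale stack bytes go on the wire */
    memcpy(out, ev, len);
    return 0;
}

int main(void)
{
    unmap_notify_event_t ev;
    char wire[X11_EVENT_WIRE_SIZE];

    memset(&ev, 0, sizeof ev);
    ev.response_type = 18;   /* UnmapNotify event code in the core protocol */
    ev.event = 0x1a4;        /* constructed window ids */
    ev.window = 0x2000001;

    if (pad_event(wire, &ev, sizeof ev) != 0)
        return 1;
    /* With libxcb the call would then be:
     *   xcb_send_event(c, false, root, mask, wire);
     * and every one of the 32 bytes read belongs to the caller. */
    printf("struct is %zu bytes, buffer sent is %zu bytes\n", sizeof ev, sizeof wire);
    return 0;
}
```

Zeroing the buffer first also keeps uninitialized stack contents out of the request, which is what valgrind reports when the tail bytes are read.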