[PATCH v2] ui/sdl2: fix segment fault caused by null pointer dereference

Changbin Du posted 1 patch 5 years, 6 months ago
Test docker-mingw@fedora passed
Test docker-quick@centos7 passed
Test checkpatch passed
Test FreeBSD passed
Test asan passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20200427132412.17909-1-changbin.du@gmail.com
Maintainers: Gerd Hoffmann <kraxel@redhat.com>
ui/sdl2.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
[PATCH v2] ui/sdl2: fix segment fault caused by null pointer dereference
Posted by Changbin Du 5 years, 6 months ago
I found SDL_GetWindowFromID() sometimes returns NULL when I start qemu via
ssh forwarding even though the window has been created already. I am not sure
whether this is a bug of SDL, but we'd better check it carefully.

Signed-off-by: Changbin Du <changbin.du@gmail.com>

---
v2: fix typo.
---
 ui/sdl2.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/ui/sdl2.c b/ui/sdl2.c
index 3c9424eb42..61c7956da3 100644
--- a/ui/sdl2.c
+++ b/ui/sdl2.c
@@ -332,6 +332,10 @@ static void handle_keydown(SDL_Event *ev)
     int gui_key_modifier_pressed = get_mod_state();
     int gui_keysym = 0;
 
+    if (!scon) {
+        return;
+    }
+
     if (!scon->ignore_hotkeys && gui_key_modifier_pressed && !ev->key.repeat) {
         switch (ev->key.keysym.scancode) {
         case SDL_SCANCODE_2:
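Review bot: the context of this hunk starts at `int gui_key_modifier_pressed = get_mod_state();`, so the line where `scon` is assigned is not visible; please confirm the new `if (!scon)` sits after `scon = get_scon_from_window(...)` and before the first dereference at `if (!scon->ignore_hotkeys && ...`. Since the commit message says the cause of the NULL return is not understood ("not sure whether this is a bug of SDL"), the silent `return;` hides the condition; a short comment at the check, or a one-time debug message, would make the dropped-event path diagnosable later.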
@@ -412,6 +416,10 @@ static void handle_keyup(SDL_Event *ev)
 {
     struct sdl2_console *scon = get_scon_from_window(ev->key.windowID);
 
+    if (!scon) {
+        return;
+    }
+
     scon->ignore_hotkeys = false;
     sdl2_process_key(scon, &ev->key);
 }
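Review bot: this check is correct as placed, directly after `struct sdl2_console *scon = get_scon_from_window(ev->key.windowID);` and before `scon->ignore_hotkeys = false;`. The same three-line guard now appears in three handlers; consider a one-line comment at the first occurrence explaining that key and text events can arrive with a windowID no console owns, so readers do not assume the lookup can never fail.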
@@ -421,6 +429,10 @@ static void handle_textinput(SDL_Event *ev)
     struct sdl2_console *scon = get_scon_from_window(ev->text.windowID);
     QemuConsole *con = scon ? scon->dcl.con : NULL;
 
+    if (!con) {
+        return;
+    }
+
     if (qemu_console_is_graphic(con)) {
         return;
     }
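Review bot: handle_textinput guards on `con` rather than `scon`, which also covers a console whose `dcl.con` is NULL; that is stronger than the other two hunks, and a brief comment would help since the variable differs from the `scon` checks above. The early return lands before `qemu_console_is_graphic(con)`, so NULL is no longer passed into that call; please confirm nothing after the visible context still dereferences `scon` directly.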
-- 
2.25.1

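As an added example (not QEMU code and not part of this patch), the snippet below models the event path the patch hardens: an event carries a window ID, a lookup turns it into a console struct, and the lookup can legitimately return NULL when the ID matches no live console. The `struct console`, `struct key_event`, `console_from_window()` and `handle_key()` names are hypothetical stand-ins for `struct sdl2_console`, the SDL key event, `get_scon_from_window()` and `handle_keydown()`/`handle_keyup()`; the event stream and scancode values are constructed for the demo.

```c
/* Added example modelling the patched SDL2 key handlers: validate the
 * window-ID lookup before touching any field of the result. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CONSOLES 4

/* Hypothetical stand-in for struct sdl2_console. */
struct console {
    uint32_t window_id;     /* 0 marks an unused slot */
    bool ignore_hotkeys;
    int keys_processed;
};

/* Hypothetical stand-in for the SDL key event; only the fields used here. */
struct key_event {
    uint32_t window_id;
    int scancode;
    bool is_keyup;
};

static struct console consoles[MAX_CONSOLES];
int events_dropped;  /* observable counter for the test */

void console_reset_all(void)
{
    memset(consoles, 0, sizeof consoles);
    events_dropped = 0;
}

/* Bind a window ID to a free slot; NULL when the table is full. */
struct console *console_register(uint32_t window_id)
{
    for (int i = 0; i < MAX_CONSOLES; i++) {
        if (consoles[i].window_id == 0) {
            consoles[i].window_id = window_id;
            consoles[i].ignore_hotkeys = false;
            consoles[i].keys_processed = 0;
            return &consoles[i];
        }
    }
    return NULL;
}

/* Mirror of get_scon_from_window(): NULL when no console owns the ID. */
struct console *console_from_window(uint32_t window_id)
{
    if (window_id == 0) {
        return NULL;
    }
    for (int i = 0; i < MAX_CONSOLES; i++) {
        if (consoles[i].window_id == window_id) {
            return &consoles[i];
        }
    }
    return NULL;
}

/* Handler shaped like the patched handle_keydown()/handle_keyup(): the NULL
 * check precedes every field access. Returns true if the event was used. */
bool handle_key(const struct key_event *ev)
{
    struct console *scon = console_from_window(ev->window_id);

    if (!scon) {               /* the guard the patch adds */
        events_dropped++;
        return false;
    }
    if (ev->is_keyup) {
        scon->ignore_hotkeys = false;
    } else if (ev->scancode == 31 && !scon->ignore_hotkeys) {
        scon->ignore_hotkeys = true;   /* constructed hotkey behaviour */
    }
    scon->keys_processed++;
    return true;
}

/* Constructed stream: one live window plus two IDs the table does not know.
 * Returns the number of events that reached a console. */
int run_demo(void)
{
    console_reset_all();
    console_register(7);
    const struct key_event stream[] = {
        { 7, 4, false },   /* key down on the live window */
        { 7, 4, true  },   /* matching key up */
        { 9, 4, false },   /* window 9 was never registered: lookup is NULL */
        { 0, 4, false },   /* ID 0, i.e. "no window" */
    };
    int handled = 0;
    for (size_t i = 0; i < sizeof stream / sizeof stream[0]; i++) {
        if (handle_key(&stream[i])) {
            handled++;
        }
    }
    return handled;
}

int main(void)
{
    int handled = run_demo();
    printf("handled=%d dropped=%d\n", handled, events_dropped);
    return 0;
}
```

Without the `if (!scon)` guard, the third and fourth events would dereference NULL exactly as the patch describes; with it, they are counted and dropped while the live window's events are processed normally.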

Re: [PATCH v2] ui/sdl2: fix segment fault caused by null pointer dereference
Posted by Changbin Du 5 years, 6 months ago
Hello, is this ready to merge now?

On Mon, Apr 27, 2020 at 09:24:12PM +0800, Changbin Du wrote:
> I found SDL_GetWindowFromID() sometimes returns NULL when I start qemu via
> ssh forwarding even though the window has been created already. I am not sure
> whether this is a bug of SDL, but we'd better check it carefully.
> 
> Signed-off-by: Changbin Du <changbin.du@gmail.com>
> 
> ---
> v2: fix typo.
> ---
>  ui/sdl2.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/ui/sdl2.c b/ui/sdl2.c
> index 3c9424eb42..61c7956da3 100644
> --- a/ui/sdl2.c
> +++ b/ui/sdl2.c
> @@ -332,6 +332,10 @@ static void handle_keydown(SDL_Event *ev)
>      int gui_key_modifier_pressed = get_mod_state();
>      int gui_keysym = 0;
>  
> +    if (!scon) {
> +        return;
> +    }
> +
>      if (!scon->ignore_hotkeys && gui_key_modifier_pressed && !ev->key.repeat) {
>          switch (ev->key.keysym.scancode) {
>          case SDL_SCANCODE_2:
> @@ -412,6 +416,10 @@ static void handle_keyup(SDL_Event *ev)
>  {
>      struct sdl2_console *scon = get_scon_from_window(ev->key.windowID);
>  
> +    if (!scon) {
> +        return;
> +    }
> +
>      scon->ignore_hotkeys = false;
>      sdl2_process_key(scon, &ev->key);
>  }
> @@ -421,6 +429,10 @@ static void handle_textinput(SDL_Event *ev)
>      struct sdl2_console *scon = get_scon_from_window(ev->text.windowID);
>      QemuConsole *con = scon ? scon->dcl.con : NULL;
>  
> +    if (!con) {
> +        return;
> +    }
> +
>      if (qemu_console_is_graphic(con)) {
>          return;
>      }
> -- 
> 2.25.1
> 

-- 
Cheers,
Changbin Du

Re: [PATCH v2] ui/sdl2: fix segment fault caused by null pointer dereference
Posted by Gerd Hoffmann 5 years, 6 months ago
On Fri, May 08, 2020 at 09:44:24PM +0800, Changbin Du wrote:
> Hello, is this ready to merge now?
> 
> On Mon, Apr 27, 2020 at 09:24:12PM +0800, Changbin Du wrote:
> > I found SDL_GetWindowFromID() sometimes returns NULL when I start qemu via
> > ssh forwarding even though the window has been created already. I am not sure
> > whether this is a bug of SDL, but we'd better check it carefully.
> > 
> > Signed-off-by: Changbin Du <changbin.du@gmail.com>

Added to ui queue now.

thanks,
  Gerd