From 6f079af2f0358d758684f8cc1d61c2d699ecd3a9 Mon Sep 17 00:00:00 2001 From: Richard Grenville Date: Wed, 12 Sep 2012 12:14:24 +0800 Subject: [PATCH] Bug fix: Double free when XQueryTree() fails Take care of failure of XQueryTree() to prevent it from causing a double-free crash. This usually happens when X is initializing and windows are constantly changing. --- src/compton.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/src/compton.c b/src/compton.c index ef157953..3101771f 100644 --- a/src/compton.c +++ b/src/compton.c @@ -1022,7 +1022,7 @@ paint_all(Display *dpy, XserverRegion region) { } #ifdef DEBUG_REPAINT - printf(" 0x%x", w->id); + printf(" %#010lx", w->id); #endif if (clip_changed) { @@ -1418,8 +1418,17 @@ map_win(Display *dpy, Window id, Window *tchildren; unsigned tnchildren; - XQueryTree(dpy, wid, &troot, &parent, &tchildren, &tnchildren); - XFree(tchildren); + // XQueryTree probably fails if you run compton when X is somehow + // initializing (like add it in .xinitrc). In this case + // just leave it alone. + if(!XQueryTree(dpy, wid, &troot, &parent, &tchildren, + &tnchildren)) { + wid = 0; + break; + } + + if (tchildren) + XFree(tchildren); wid = parent; } @@ -2934,11 +2943,20 @@ main(int argc, char **argv) { && !array_wid_exists(children, nchildren, wid)) { Window troot; Window parent; - Window *tchildren; + Window *tchildren = 0; unsigned tnchildren; - XQueryTree(dpy, wid, &troot, &parent, &tchildren, &tnchildren); - XFree(tchildren); + // XQueryTree probably fails if you run compton when X is somehow + // initializing (like add it in .xinitrc). In this case + // just leave it alone. + if(!XQueryTree(dpy, wid, &troot, &parent, &tchildren, + &tnchildren)) { + wid = 0; + break; + } + + if (tchildren) + XFree(tchildren); wid = parent; }