diff options
author | Chris Coulson <chris.coulson@canonical.com> | 2018-07-19 18:26:05 +0100 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2018-08-13 10:35:09 -0400 |
commit | 1ac1697b3b019f50729a6e992065959586e170da (patch) | |
tree | 150e148d1533564df003c9644e51ad8974977a62 | |
parent | 0e92e2c93a65544892d65c3f5950a2d5f8dc7f46 (diff) | |
download | gdm-1ac1697b3b019f50729a6e992065959586e170da.tar.gz |
display-store: Pass the display object rather than the id in the removed signal
By the time GdmDisplayStore emits the "display-removed" signal, the display
is no longer in the store and gdm_display_store_lookup will not work in
signal handlers.
Change the "display-removed" parameter from the display id to the GdmDisplay
object, so that signal handers can perform any cleanup they need to do
CVE-2018-14424
Closes: https://gitlab.gnome.org/GNOME/gdm/issues/401
-rw-r--r-- | daemon/gdm-display-store.c | 11 | ||||
-rw-r--r-- | daemon/gdm-display-store.h | 2 | ||||
-rw-r--r-- | daemon/gdm-local-display-factory.c | 13 | ||||
-rw-r--r-- | daemon/gdm-manager.c | 19 | ||||
-rw-r--r-- | daemon/gdm-manager.h | 3 |
5 files changed, 18 insertions, 30 deletions
diff --git a/daemon/gdm-display-store.c b/daemon/gdm-display-store.c index af76f519..fd24334e 100644 --- a/daemon/gdm-display-store.c +++ b/daemon/gdm-display-store.c @@ -76,15 +76,10 @@ stored_display_new (GdmDisplayStore *store, static void stored_display_free (StoredDisplay *stored_display) { - char *id; - - gdm_display_get_id (stored_display->display, &id, NULL); - g_signal_emit (G_OBJECT (stored_display->store), signals[DISPLAY_REMOVED], 0, - id); - g_free (id); + stored_display->display); g_debug ("GdmDisplayStore: Unreffing display: %p", stored_display->display); @@ -281,9 +276,9 @@ gdm_display_store_class_init (GdmDisplayStoreClass *klass) G_STRUCT_OFFSET (GdmDisplayStoreClass, display_removed), NULL, NULL, - g_cclosure_marshal_VOID__STRING, + g_cclosure_marshal_VOID__OBJECT, G_TYPE_NONE, - 1, G_TYPE_STRING); + 1, G_TYPE_OBJECT); g_type_class_add_private (klass, sizeof (GdmDisplayStorePrivate)); } diff --git a/daemon/gdm-display-store.h b/daemon/gdm-display-store.h index 28359933..0aff8ee2 100644 --- a/daemon/gdm-display-store.h +++ b/daemon/gdm-display-store.h @@ -49,7 +49,7 @@ typedef struct void (* display_added) (GdmDisplayStore *display_store, const char *id); void (* display_removed) (GdmDisplayStore *display_store, - const char *id); + GdmDisplay *display); } GdmDisplayStoreClass; typedef enum diff --git a/daemon/gdm-local-display-factory.c b/daemon/gdm-local-display-factory.c index 5f1ae89e..39f3e30a 100644 --- a/daemon/gdm-local-display-factory.c +++ b/daemon/gdm-local-display-factory.c @@ -805,18 +805,11 @@ on_display_added (GdmDisplayStore *display_store, static void on_display_removed (GdmDisplayStore *display_store, - const char *id, + GdmDisplay *display, GdmLocalDisplayFactory *factory) { - GdmDisplay *display; - - display = gdm_display_store_lookup (display_store, id); - - if (display != NULL) { - g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory); - g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory); - - } + g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory); + g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory); } static gboolean diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c index f17bd1a5..f6684a8b 100644 --- a/daemon/gdm-manager.c +++ b/daemon/gdm-manager.c @@ -1541,19 +1541,18 @@ on_display_status_changed (GdmDisplay *display, static void on_display_removed (GdmDisplayStore *display_store, - const char *id, + GdmDisplay *display, GdmManager *manager) { - GdmDisplay *display; + char *id; - display = gdm_display_store_lookup (display_store, id); - if (display != NULL) { - g_dbus_object_manager_server_unexport (manager->priv->object_manager, id); + gdm_display_get_id (display, &id, NULL); + g_dbus_object_manager_server_unexport (manager->priv->object_manager, id); + g_free (id); - g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager); + g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager); - g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, id); - } + g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, display); } static void @@ -2535,9 +2534,9 @@ gdm_manager_class_init (GdmManagerClass *klass) G_STRUCT_OFFSET (GdmManagerClass, display_removed), NULL, NULL, - g_cclosure_marshal_VOID__STRING, + g_cclosure_marshal_VOID__OBJECT, G_TYPE_NONE, - 1, G_TYPE_STRING); + 1, G_TYPE_OBJECT); g_object_class_install_property (object_class, PROP_XDMCP_ENABLED, diff --git a/daemon/gdm-manager.h b/daemon/gdm-manager.h index 41c68a7a..c8fb3f22 100644 --- a/daemon/gdm-manager.h +++ b/daemon/gdm-manager.h @@ -24,6 +24,7 @@ #include <glib-object.h> +#include "gdm-display.h" #include "gdm-manager-glue.h" G_BEGIN_DECLS @@ -50,7 +51,7 @@ typedef struct void (* display_added) (GdmManager *manager, const char *id); void (* display_removed) (GdmManager *manager, - const char *id); + GdmDisplay *display); } GdmManagerClass; typedef enum |