kosslan
/
quickshell
forked from outfoxxed/quickshell
1
0
Fork 0
Code Pull Requests Activity

core/reloader: fix UAF of old generation during scene destroy

This commit is contained in:
outfoxxed 2024-04-20 00:36:25 -07:00
parent 97bcdbecc1
commit 31462b9797
Signed by: outfoxxed
GPG Key ID: 4C88A185FB89301E
2 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/core/generation.cpp
View File

@ -43,6 +43,17 @@ EngineGeneration::~EngineGeneration() {
if (this->root != nullptr) this->root->deleteLater();
}
void EngineGeneration::destroy() {
if (this->root != nullptr) {
QObject::connect(this->root, &QObject::destroyed, this, [this]() {
delete this;
});
this->root->deleteLater();
this->root = nullptr;
}
}
void EngineGeneration::onReload(EngineGeneration* old) {
if (old != nullptr) {
// if the old generation holds the window incubation controller as the
@ -61,12 +72,8 @@ void EngineGeneration::onReload(EngineGeneration* old) {
emit this->reloadFinished();
if (old != nullptr) {
QTimer::singleShot(0, [this, old]() {
// The delete must happen in the next tick or you get segfaults,
// seems to be deleteLater related.
delete old;
this->postReload();
});
old->destroy();
QObject::connect(old, &QObject::destroyed, this, [this]() { this->postReload(); });
} else {
this->postReload();
}

2
src/core/generation.hpp
View File

@ -43,6 +43,8 @@ public:
DelayedQmlIncubationController delayedIncubationController;
bool reloadComplete = false;
void destroy();
signals:
void filesChanged();
void reloadFinished();