From 806f7554c2268cbb417a55872f60cc96775202a6 Mon Sep 17 00:00:00 2001 From: KalilDev Date: Mon, 31 Aug 2020 10:54:39 -0300 Subject: [PATCH] render: Fix passing the wrong param to ... render_border_textures_for_container. * This was causing an UB because we were trying to get an output from some random offset in the damage, and we were getting the damage after this offset, reading garbage data after the end of the damage struct size * On my machine, the output offset was an nullptr, so when it got dereferenced, core was dumped. --- sway/desktop/render.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sway/desktop/render.c b/sway/desktop/render.c index 7b1b83255..e698761e0 100644 --- a/sway/desktop/render.c +++ b/sway/desktop/render.c @@ -1152,7 +1152,12 @@ static void render_floating_container(struct sway_output *soutput, render_top_border(soutput, damage, con, colors); } render_view(soutput, damage, con, colors); - render_border_textures_for_container(con, damage); + + struct output_and_damage data = { + .output = soutput, + .damage = damage, + }; + render_border_textures_for_container(con, &data); } else { render_container(soutput, damage, con, con->current.focused); }