The original wl_map implementation did no checking to ensures that ids fell
on the correct side of the WL_SERVER_ID_START line. This meant that a
client could send the server a server ID and it would happily try to use
it. Also, there was no distinction between server-side and client-side in
wl_map_remove. Because wl_map_remove added the entry to the free list
regardless of which side it came from, the following set of actions would
break the map:
1. Client creates a bunch of objects
2. Client deletes one or more of those objects
3. Client does something that causes the server to create an object
Because of the problem in wl_map_remove, the server would take an old
client-side id, apply the WL_SERVER_ID_START offset, and try to use it as a
server-side id regardless of whether or not it was valid.
Signed-off-by: Jason Ekstrand <jason@jlekstrand.net>
If we cannot increase the array for new entries, we now return 0 instead
of accessing invalid memory.
krh: Edited to return 0 on failure instead. In the initialization path,
we call wl_map_insert_new() to insert NULL at index 0, which also returns
0 but not as an error. Since we do that up front, every other case of
returning 0 is an unambiguous error.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
We might have to perform memory allocations in wl_array_copy(), so catch
out-of-memory errors in wl_array_add() and return -1 before changing any
state.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
The core libwayland libraries should not handle logging, only passing
the error messages to subscribed functions.
An application linked to libwayland-server or libwayland-client
will be able to set own functions (one per library) to handle error
messages.
Change in this series: make the wl_log return int, because
of compatibility with printf. It will return the number of bytes logged.
Set the next and prev pointers of the removed list element to NULL. This
will catch programming errors that would use invalid list pointers,
double-remove for instance.
It also helps debugging, making it easy to see in gdb if an object is
not in a list.
Signed-off-by: Pekka Paalanen <ppaalanen@gmail.com>
We set aside a range of the object ID space for use by the server. This
allows the server to bind an object to an ID for a client and pass that
object to the client. The client can use the object immediately and the
server can emit events to the object immdiately.
