Description of problem: The `static void ipc_event_binding(json_object *sb_obj)` in ipc-server.c of the sway binary frees an unowned pointer to a json_object, which gets passed in as an arguement to that function, with an unknown lifetime outside of the function. Version-Release number of selected component (if applicable): All built versions of Sway are affected. How reproducible: 100% Steps to Reproduce: 1. Start sway 2. Perform any action, like starting a program or switch workspace Actual results: Triggers unknown behaviour and memory corruption. Expected results: The ownership of the passed in json_object argument is acquired properly, so it doesn't get free'd when passed to json_object_put() at the end of the function call. Additional info: I recently discovered this undefined behaviour in Sway (the problem that was arising with json-c 0.13 [1]) and fixed it with an upstreamed patch [2] in Rawhide. I strongly recommend to backport this to all supported releases of Fedora and EPEL, where Sway has been built for. If you don't object within a week, I'll merge down the master branch and do the builds myself. [1] https://github.com/swaywm/sway/issues/1355 [2] https://github.com/swaywm/sway/pull/1517
Thanks for the report (and the fix!), I'll fix this asap.
Allrighty =) Everything needed is already done in the master branch: https://src.fedoraproject.org/rpms/sway/commits/master So a simple merge-down to the other branches should be fine. ;)
(In reply to Björn "besser82" Esser from comment #2) > Allrighty =) > > Everything needed is already done in the master branch: > https://src.fedoraproject.org/rpms/sway/commits/master > > So a simple merge-down to the other branches should be fine. ;) Yeah, I don't like changelog entries for changes that were never done in a branch (e.g., a rebuild for the json-c soname bump), even if that means the branches diverge. But builds are on the way.
sway-0.15.0-3.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-95eab29cc0
sway-0.15.0-3.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-6aafe5a2f8
sway-0.15.0-3.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-6aafe5a2f8
sway-0.15.0-3.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-95eab29cc0
sway-0.15.0-3.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
sway-0.15.0-3.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.