Bug 65186

Summary: weston-editor crashes when writing a long line
Product: Wayland Reporter: Noah Menzi <menzinoah>
Component: westonAssignee: Wayland bug list <wayland-bugs>
Status: VERIFIED FIXED QA Contact:
Severity: major    
Priority: medium CC: anasuyax.r.nannuri
Version: unspecified   
Hardware: x86-64 (AMD64)   
OS: Linux (All)   
Whiteboard:
i915 platform: i915 features:

Description Noah Menzi 2013-05-30 17:21:25 UTC 
If you write a long line in weston-editor (just press a key and hold it for some time) weston-editor crashes with Error message:

Error sending request: Numerical result out of range
Program received signal SIGABRT, Aborted.


gdb weston-editor:

--------------- snip ------------
input language is en 
input language is en
Error sending request: Numerical result out of range

Program received signal SIGABRT, Aborted.
0x00007ffff521b1c9 in raise () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007ffff521b1c9 in raise () from /usr/lib/libc.so.6
#1  0x00007ffff521c5c8 in abort () from /usr/lib/libc.so.6
#2  0x00007ffff7bd51b4 in wl_proxy_marshal (proxy=0x704680, 
    opcode=opcode@entry=5) at wayland-client.c:376
#3  0x00000000004062bb in wl_text_input_set_surrounding_text (
    anchor=<optimized out>, cursor=<optimized out>, text=<optimized out>, 
    wl_text_input=<optimized out>) at text-client-protocol.h:464
#4  text_entry_update (entry=entry@entry=0x712e40) at editor.c:644
#5  0x000000000040652d in text_entry_insert_at_cursor (
    entry=entry@entry=0x712e40, text=text@entry=0x7fffffffe3f0 "i", 
    cursor=cursor@entry=0, anchor=anchor@entry=0) at editor.c:687
#6  0x000000000040676f in key_handler (window=<optimized out>, 
    input=<optimized out>, time=<optimized out>, key=<optimized out>, 
    sym=<optimized out>, state=<optimized out>, data=0x7fffffffe550)
    at editor.c:1109
#7  0x0000000000408578 in keyboard_repeat_func (task=0x629ca0, 
    events=<optimized out>) at window.c:2913
#8  0x000000000040dc07 in display_run (display=0x624750) at window.c:5240
#9  0x0000000000405d5c in main (argc=1, argv=<optimized out>) at editor.c:1184


weston -v:

Date: 2013-05-30 CEST
[15:09:51.334] weston 1.1.90
               http://wayland.freedesktop.org/
               Bug reports to: https://bugs.freedesktop.org/enter_bug.cgi?product=Wayland&component=weston&version=1.1.90
               Build: 1.1.0-174-gb846a8d-dirty screenshooter: Scale damage by output scale in screen recorder (2013-05-29 10:22:15 -0400)
[15:09:51.334] OS: Linux, 3.9.4-1-ARCH, #1 SMP PREEMPT Sat May 25 16:14:55 CEST 2013, x86_64
Comment 1 Rob Bradford 2013-07-08 17:00:31 UTC 
Hhmm that because there is a limit on the closure of 1024 bytes. Unfortunately the editor sends the whole contents of the editor as the surrounding text.
Comment 2 Kristian Høgsberg 2014-01-09 06:33:56 UTC 
*** Bug 71750 has been marked as a duplicate of this bug. ***
Comment 3 Kristian Høgsberg 2014-01-09 22:28:59 UTC 
commit c102c20f01c84abde71b7f208aae9b232226da1e
Author: chi ding <chi.ding@mobica.com>
Date:   Thu Dec 5 14:28:53 2013 +0100

    Fix buffer overflow when serializing a closure object
    
    Here is the JIRA page of this issue
    https://bugs.tizen.org/jira/browse/TIVI-1889
    
    Change-Id: I773a6d2d8f6fd02ff10c92450db1fa8a69544219
    Signed-off-by: Chi Ding <chi.ding@mobica.com>
    Closes: https://bugs.freedesktop.org/show_bug.cgi?id=65186

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.