Skip to content

Cancel pending renaming action for a screen in dtor of ScreensPanel #1783

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
BenBE wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Cancel pending renaming action for a screen in dtor of ScreensPanel #1783

BenBE wants to merge 1 commit into from
+14 −0

Conversation

@BenBE
Copy link
Member

@BenBE BenBE commented Oct 9, 2025

Fixes an UAF issue when editing the screen configuration.

Fixes: #1760

@BenBE BenBE added this to the 3.5.0 milestone Oct 9, 2025
@BenBE BenBE added the bug 🐛 Something isn't working label Oct 9, 2025
@BenBE BenBE force-pushed the screen-edit-fixes branch from c320f7f to fe11022 Compare October 9, 2025 07:13
@Explorer09
Copy link
Contributor

Explorer09 commented Jan 3, 2026

I tested this in macOS Tahoe just now and it seems like the bug fix works.

One issue remaining, though. When built in GCC with LTO there is this warning:

ScreensPanel.c:62:19: error: potential null pointer dereference [-Werror=null-dereference]
   62 |       item->value = this->saved;
      |                   ^

So the code has to tune a little bit:

diff --git a/ScreensPanel.c b/ScreensPanel.c
index eaf06920..e5ab1ded 100644
--- a/ScreensPanel.c
+++ b/ScreensPanel.c
@@ -57,10 +57,10 @@ static void ScreensPanel_delete(Object* object) {
    /* cancel any pending edit action */
    if (this->renamingItem) {
       ListItem* item = (ListItem*) Panel_getSelected(super);
-      assert(item);
       assert(item == this->renamingItem);
 
-      item->value = this->saved;
+      if (item)
+         item->value = this->saved;
       this->renamingItem = NULL;
       super->cursorOn = false;

And that's it.

@BenBE BenBE force-pushed the screen-edit-fixes branch from fe11022 to 0957f1a Compare January 3, 2026 00:16
@BenBE BenBE force-pushed the screen-edit-fixes branch from 0957f1a to dbdad20 Compare January 3, 2026 00:18
@Explorer09 Explorer09 mentioned this pull request Jan 3, 2026
Open
@BenBE BenBE linked an issue Jan 9, 2026 that may be closed by this pull request
When renaming a screen in Setup, mouse click on another screen item doesn't stop renaming #1848
Open
@BenBE
Copy link
Member Author

BenBE commented Jan 11, 2026

@Explorer09 Do you have an idea for a fix to the issue you mentioned in #1848? I think the fixes will likely be related thus I'd like to handle it in one go.

@Explorer09
Copy link
Contributor

Explorer09 commented Jan 11, 2026

@Explorer09 Do you have an idea for a fix to the issue you mentioned in #1848? I think the fixes will likely be related thus I'd like to handle it in one go.

Nope. Not yet. I'm busy with my personal work these days and won't be able to look at the problem.

@Explorer09
Copy link
Contributor

Explorer09 commented Jan 13, 2026

@Explorer09 Do you have an idea for a fix to the issue you mentioned in #1848? I think the fixes will likely be related thus I'd like to handle it in one go.

@BenBE

I just managed to get some free time and diagnosed the problem with GDB, and I have a partial fix:

diff --git a/ScreensPanel.c b/ScreensPanel.c
index 2ba7b940..acda42ad 100644
--- a/ScreensPanel.c
+++ b/ScreensPanel.c
@@ -77,6 +77,13 @@ static HandlerResult ScreensPanel_eventHandlerRenaming(Panel* super, int ch) {
    }
 
    switch (ch) {
+      case EVENT_SET_SELECTED: {
+         ListItem* item = (ListItem*) Panel_getSelected(super);
+         if (item != this->renamingItem)
+            goto renameFinish;
+         break;
+      }
+
       case 127:
       case KEY_BACKSPACE:
          if (this->cursor > 0) {
@@ -93,8 +100,9 @@ static HandlerResult ScreensPanel_eventHandlerRenaming(Panel* super, int ch) {
          if (!item)
             break;
          assert(item == this->renamingItem);
+renameFinish:
          free(this->saved);
-         item->value = xStrdup(this->buffer);
+         this->renamingItem->value = xStrdup(this->buffer);
          this->renamingItem = NULL;
          super->cursorOn = false;
          Panel_setSelectionColor(super, PANEL_SELECTION_FOCUS);

This at the minimum, avoids the crash when combined with your commit dbdad20. The issue though, is that the modified screen name might not get applied when the ScreensPanel itself loses focus.

In ScreenManager_run, it looks like the Panel_eventHandler function is fired only for panelFocus, so I didn't yet find a way to catch the event when the ScreensPanel loses focus.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug 🐛 Something isn't working

Projects

None yet

Milestone

3.5.0

Development

Successfully merging this pull request may close these issues.

When renaming a screen in Setup, mouse click on another screen item doesn't stop renaming Multiple Screens not working

2 participants

@BenBE @Explorer09