locale1: fix use-after-free in xkb_keymap creation (!4209) · Merge requests · Plasma / KWin

Aleksei Bavshin requested to merge alebastr/kwin:locale1-fix into master Jun 23, 2023

qPrintable creates temporary objects that are destroyed before xkb_keymap_new_from_names is called. It's highly likely that the data we pass to xkbcommon will be overwritten by random data by that point.

Fix that by storing values as QByteArrays just like Xkb::loadKeymapFromConfig does.

Testing (with kwin_wayland --locale1):

$ localectl
System Locale: LANG=en_US.UTF-8
    VC Keymap: us
   X11 Layout: us,ru
  X11 Options: grp:alt_shift_toggle

Before:

Jun 23 02:16:36 sddm-helper-start-wayland[2333]: "kwin_xkbcommon: XKB: Compiling from RMLVO: rules 'evdev', model 'pc105', layout '\xEF\xBF\xBD\xEF\xBF\xBD""C\xEF\xBF\xBD\xEF\xBF\xBDU', variant 'r', options 'grp:alt_"
Jun 23 02:16:36 sddm-helper-start-wayland[2333]: "shift_toggle'\n"

After:

Jun 23 02:30:59 sddm-helper-start-wayland[2520]: "kwin_xkbcommon: XKB: Compiling from RMLVO: rules 'evdev', model 'pc105', layout 'us,ru', variant '', options 'grp:alt_shift_toggle'\n"

locale1: fix use-after-free in xkb_keymap creation

Merge request reports