pidgin/pidgin

fix crash when closing a group chat with spellchk plugin enabled
release-2.x.y
18 months ago, Markus Fischer
bf6049713e98
Parents 1fdbe2cb9344
Children 6de92f3c6bdb
fix crash when closing a group chat with spellchk plugin enabled

Testing Done:
Followed steps to reproduce from the bug report and neither experienced a crash or saw invalid reads related to this in valgrind.

Additionally tested that `g_signal_handlers_disconnect_matched` actually disconnects signal handlers when unloading the spellchk plugin.

Also tested following test case:
* connect an IRC account
* enable spellchk plugin
* join a chat
* disable spellchk plugin
* close chat window

which led to an invalid read before I added the `g_object_remove_weak_pointer` call. Now, I don't see any invalid reads related to this in valgrind anymore.

Bugs closed: PIDGIN-17702

Reviewed at https://reviews.imfreedom.org/r/1951/
1 files changed, 10 insertions(+), 5 deletions(-)
  • +10 -5
    pidgin/plugins/spellchk.c
    • --- a/pidgin/plugins/spellchk.c Sun Oct 23 18:46:44 2022 -0500
    +++ b/pidgin/plugins/spellchk.c Thu Oct 27 20:34:02 2022 -0500
    @@ -289,12 +289,14 @@
    g_return_if_fail(spell != NULL);
    - buffer = gtk_text_view_get_buffer(spell->view);
    + if (spell->view != NULL) {
    + buffer = gtk_text_view_get_buffer(spell->view);
    - g_signal_handlers_disconnect_matched(buffer,
    - G_SIGNAL_MATCH_DATA,
    - 0, 0, NULL, NULL,
    - spell);
    + g_signal_handlers_disconnect_matched(buffer,
    + G_SIGNAL_MATCH_DATA,
    + 0, 0, NULL, NULL,
    + spell);
    + }
    g_free(spell->word);
    g_free(spell);
    }
    @@ -645,6 +647,7 @@
    /* attach to the widget */
    spell = g_new0(spellchk, 1);
    spell->view = view;
    + g_object_add_weak_pointer(G_OBJECT(view), (gpointer*)&spell->view);
    g_object_set_data_full(G_OBJECT(view), SPELLCHK_OBJECT_KEY, spell,
    (GDestroyNotify)spellchk_free);
    @@ -2139,6 +2142,8 @@
    spellchk *spell = g_object_get_data(G_OBJECT(gtkconv->entry), SPELLCHK_OBJECT_KEY);
    g_signal_handlers_disconnect_by_func(gtkconv->entry, message_send_cb, spell);
    + g_object_remove_weak_pointer(G_OBJECT(gtkconv->entry),
    + (gpointer*)&spell->view);
    g_object_set_data(G_OBJECT(gtkconv->entry), SPELLCHK_OBJECT_KEY, NULL);
    }