From 63102e1215016f97cd7bdbec1718c62d0ec41972 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Fl=C3=B6ser?= <mgraesslin@kde.org>
Date: Sun, 16 Jul 2017 18:36:14 +0200
Subject: [PATCH] [client] Properly track enteredSurface in Keyboard

Summary:
ASAN found a heap-use-after-free when deleting the focused keyboard
surface in the client library. Keyboard did not track the lifetime of
the focused surface and thus one can access already freed memory.

Test Plan: Adjusted auto test to verify the variable gets cleared

Reviewers: #frameworks, #plasma

Subscribers: plasma-devel

Tags: #plasma_on_wayland, #frameworks

Differential Revision: https://phabricator.kde.org/D6741
---
 src/wayland/autotests/client/test_wayland_seat.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/wayland/autotests/client/test_wayland_seat.cpp b/src/wayland/autotests/client/test_wayland_seat.cpp
index 4ea8a2bb40..2b68b79b13 100644
--- a/src/wayland/autotests/client/test_wayland_seat.cpp
+++ b/src/wayland/autotests/client/test_wayland_seat.cpp
@@ -1562,7 +1562,9 @@ void TestWaylandSeat::testKeyboard()
 
     QSignalSpy serverSurfaceDestroyedSpy(serverSurface, &QObject::destroyed);
     QVERIFY(serverSurfaceDestroyedSpy.isValid());
+    QCOMPARE(keyboard->enteredSurface(), s);
     delete s;
+    QVERIFY(!keyboard->enteredSurface());
     QVERIFY(leftSpy.wait());
     QCOMPARE(serverSurfaceDestroyedSpy.count(), 1);
     QVERIFY(!m_seatInterface->focusedKeyboardSurface());