From 805c899589001c443f20414319a2dc29b60c3c3f Mon Sep 17 00:00:00 2001 From: Vlad Zahorodnii Date: Sun, 7 May 2023 16:24:05 +0300 Subject: [PATCH] wayland: Validate serial of wl_pointer.set_cursor --- src/wayland/pointer_interface.cpp | 4 ++++ src/wayland/pointer_interface_p.h | 1 + 2 files changed, 5 insertions(+) diff --git a/src/wayland/pointer_interface.cpp b/src/wayland/pointer_interface.cpp index 7bc394e4c6..7312f28183 100644 --- a/src/wayland/pointer_interface.cpp +++ b/src/wayland/pointer_interface.cpp @@ -62,6 +62,9 @@ void PointerInterfacePrivate::pointer_set_cursor(Resource *resource, uint32_t se qCDebug(KWIN_CORE, "Denied set_cursor request from unfocused client"); return; } + if (focusedSerial != serial) { + return; + } if (surface_resource) { surface = SurfaceInterface::get(surface_resource); @@ -159,6 +162,7 @@ void PointerInterface::sendEnter(SurfaceInterface *surface, const QPointF &posit } d->focusedSurface = surface; + d->focusedSerial = serial; d->destroyConnection = connect(d->focusedSurface, &SurfaceInterface::aboutToBeDestroyed, this, [this]() { d->sendLeave(d->seat->display()->nextSerial()); d->sendFrame(); diff --git a/src/wayland/pointer_interface_p.h b/src/wayland/pointer_interface_p.h index 8817a88e7e..c7783d3ce5 100644 --- a/src/wayland/pointer_interface_p.h +++ b/src/wayland/pointer_interface_p.h @@ -36,6 +36,7 @@ public: PointerInterface *q; SeatInterface *seat; SurfaceInterface *focusedSurface = nullptr; + quint32 focusedSerial = 0; QMetaObject::Connection destroyConnection; std::unique_ptr cursor; std::unique_ptr relativePointersV1;