From c5e3150443d4fe4b72b41b630da4ba0b7340ed3c Mon Sep 17 00:00:00 2001 From: Ting-Wei Lan Date: Sat, 27 Jul 2019 15:28:23 +0800 Subject: [PATCH] gapplication: remove inactivity_timeout source on finalize The event source used to handle inactivity_timeout doesn't hold a reference on the application. Therefore, it is possible for callback function of the event source to run after the application has been freed, leading to use-after-free problem. To avoid the problem, we should remove the event source before the application is freed. This should fix SIGBUS crash of gio/tests/gapplication on FreeBSD. https://gitlab.gnome.org/GNOME/glib/issues/1846#note_566550 --- gio/gapplication.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/gio/gapplication.c b/gio/gapplication.c index 2d2ab48e3..321b34f54 100644 --- a/gio/gapplication.c +++ b/gio/gapplication.c @@ -1372,6 +1372,9 @@ g_application_finalize (GObject *object) { GApplication *application = G_APPLICATION (object); + if (application->priv->inactivity_timeout_id) + g_source_remove (application->priv->inactivity_timeout_id); + g_slist_free_full (application->priv->option_groups, (GDestroyNotify) g_option_group_unref); if (application->priv->main_options) g_option_group_unref (application->priv->main_options);