From 574b625914bf6913d44d0c33ed16a7432abeecba Mon Sep 17 00:00:00 2001 From: Jungi Byun Date: Tue, 21 Dec 2021 14:37:36 +0900 Subject: evdev: Prevent race condition in touch events processing Unlike other input devices, touch devices are managed by corresponding handler threads which are not the main thread. InputEvent that is inherited by TouchEvent has a constant pointer member for device, but in touch events case, handler threads may destroy the device which is pointed by events while processing these events in main thread, and this may cause critical potential issues such as crash. In order to prevent this race condition, move device of QEvdevTouchScreenHandler into main thread and delete this device later if QGuiApplication instance exists when handler thread quits, and check event's device is valid when processing touch events. Change-Id: I02583238d97d768abcc544ee882160eda3178282 Reviewed-by: Elvis Lee Reviewed-by: Shawn Rutledge --- src/gui/kernel/qguiapplication.cpp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/gui/kernel/qguiapplication.cpp') diff --git a/src/gui/kernel/qguiapplication.cpp b/src/gui/kernel/qguiapplication.cpp index 313f1bcb54..d6ffb020d0 100644 --- a/src/gui/kernel/qguiapplication.cpp +++ b/src/gui/kernel/qguiapplication.cpp @@ -2789,6 +2789,9 @@ void QGuiApplicationPrivate::processContextMenuEvent(QWindowSystemInterfacePriva void QGuiApplicationPrivate::processTouchEvent(QWindowSystemInterfacePrivate::TouchEvent *e) { + if (!QInputDevicePrivate::isRegistered(e->device)) + return; + modifier_buttons = e->modifiers; QPointingDevice *device = const_cast(static_cast(e->device)); QPointingDevicePrivate *devPriv = QPointingDevicePrivate::get(device); -- cgit v1.2.3