From 4e9a67acc6e09b012b6034b1928c2cc6ba0cb1bf Mon Sep 17 00:00:00 2001
From: Robert Mader <robert.mader@posteo.de>
Date: Wed, 4 Nov 2020 19:32:21 +0100
Subject: [PATCH] wayland/subsurface: Check for circular relationships

If a subsurface is equal to or an ancestor of the parent surface
we currently crash. Check for that case and terminate the client.

Closes https://gitlab.gnome.org/GNOME/mutter/-/issues/1521
---
 src/wayland/meta-wayland-subsurface.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/wayland/meta-wayland-subsurface.c b/src/wayland/meta-wayland-subsurface.c
index b4c503d20..bc481db06 100644
--- a/src/wayland/meta-wayland-subsurface.c
+++ b/src/wayland/meta-wayland-subsurface.c
@@ -541,6 +541,17 @@ surface_handle_parent_surface_destroyed (struct wl_listener *listener,
   surface->sub.parent = NULL;
 }
 
+static gboolean
+is_same_or_ancestor (MetaWaylandSurface *surface,
+                     MetaWaylandSurface *other_surface)
+{
+  if (surface == other_surface)
+    return TRUE;
+  if (other_surface->sub.parent)
+    return is_same_or_ancestor (surface, other_surface->sub.parent);
+  return FALSE;
+}
+
 static void
 wl_subcompositor_get_subsurface (struct wl_client   *client,
                                  struct wl_resource *resource,
@@ -560,6 +571,16 @@ wl_subcompositor_get_subsurface (struct wl_client   *client,
       return;
     }
 
+  if (is_same_or_ancestor (surface, parent))
+    {
+      wl_resource_post_error (resource, WL_SUBCOMPOSITOR_ERROR_BAD_SURFACE,
+                              "Circular relationship between wl_surface@%d "
+                              "and parent surface wl_surface@%d",
+                              wl_resource_get_id (surface->resource),
+                              wl_resource_get_id (parent->resource));
+      return;
+    }
+
   if (!meta_wayland_surface_assign_role (surface,
                                          META_TYPE_WAYLAND_SUBSURFACE,
                                          NULL))