From a5946ba2e2114a11b9ff460cb1d8aa2397789bab Mon Sep 17 00:00:00 2001 From: Robin Gareus Date: Thu, 8 Jun 2023 22:39:14 +0200 Subject: [PATCH] Fix heap-use-after-free at exit Deleting _track_canvas_viewport automatically destroys any child Items. The LocationMarker's group was already destroyed when ~ArdourMarker() runs and calls `delete group`. So first delete the marker, then the canvas --- gtk2_ardour/editor.cc | 2 ++ gtk2_ardour/editor.h | 2 +- gtk2_ardour/editor_canvas.cc | 4 ++-- gtk2_ardour/editor_markers.cc | 6 +++--- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/gtk2_ardour/editor.cc b/gtk2_ardour/editor.cc index d383b148e1..01ae4900d1 100644 --- a/gtk2_ardour/editor.cc +++ b/gtk2_ardour/editor.cc @@ -290,6 +290,7 @@ Editor::Editor () , cd_marker_group (0) , _time_markers_group (0) , _selection_marker_group (0) + , _selection_marker (new LocationMarkers) , hv_scroll_group (0) , h_scroll_group (0) , cursor_scroll_group (0) @@ -887,6 +888,7 @@ Editor::~Editor() delete new_transport_marker_menu; delete editor_ruler_menu; delete _popup_region_menu_item; + delete _selection_marker; delete button_bindings; delete _routes; diff --git a/gtk2_ardour/editor.h b/gtk2_ardour/editor.h index 7e8ba558d4..8cba3635b9 100644 --- a/gtk2_ardour/editor.h +++ b/gtk2_ardour/editor.h @@ -928,7 +928,7 @@ private: /* parent for group for selection marker (above ruler) */ ArdourCanvas::Container* _selection_marker_group; - LocationMarkers _selection_marker; + LocationMarkers* _selection_marker; /* The group containing all other groups that are scrolled vertically and horizontally. diff --git a/gtk2_ardour/editor_canvas.cc b/gtk2_ardour/editor_canvas.cc index 9bf1979f80..fb755f8932 100644 --- a/gtk2_ardour/editor_canvas.cc +++ b/gtk2_ardour/editor_canvas.cc @@ -146,8 +146,8 @@ Editor::initialize_canvas () /* group above rulers, to show selection triangles */ _selection_marker_group = new ArdourCanvas::Container (h_scroll_group); CANVAS_DEBUG_NAME (_selection_marker_group, "Canvas Selection Ruler"); - _selection_marker.start = new SelectionMarker (*this, *_selection_marker_group, "play head", ArdourMarker::SelectionStart); - _selection_marker.end = new SelectionMarker (*this, *_selection_marker_group, "play head", ArdourMarker::SelectionEnd); + _selection_marker->start = new SelectionMarker (*this, *_selection_marker_group, "play head", ArdourMarker::SelectionStart); + _selection_marker->end = new SelectionMarker (*this, *_selection_marker_group, "play head", ArdourMarker::SelectionEnd); _selection_marker_group->raise_to_top (); /* Note that because of ascending-y-axis coordinates, this order is diff --git a/gtk2_ardour/editor_markers.cc b/gtk2_ardour/editor_markers.cc index 227065bc4b..9bb7360880 100644 --- a/gtk2_ardour/editor_markers.cc +++ b/gtk2_ardour/editor_markers.cc @@ -2019,12 +2019,12 @@ Editor::update_selection_markers () { timepos_t start, end; if (get_selection_extents (start, end)) { - _selection_marker.set_position (start, end); - _selection_marker.show (); + _selection_marker->set_position (start, end); + _selection_marker->show (); ActionManager::get_action ("Editor", "cut-paste-section")->set_sensitive (true); ActionManager::get_action ("Editor", "copy-paste-section")->set_sensitive (true); } else { - _selection_marker.hide (); + _selection_marker->hide (); ActionManager::get_action ("Editor", "cut-paste-section")->set_sensitive (false); ActionManager::get_action ("Editor", "copy-paste-section")->set_sensitive (false); }