Attempt to emit beep in untrusted X11 context results in crash
In X11 "untrusted" context provided by the SECURITY extension, there are many restrictions for clients, including prohibition of "Bell" requests, beeps. Server replies for it with BadAccess, as for any request violates SECURITY restrictions. So, if a GTK application running on the untrusted display emits a beep (e.g., when BS pressed in empty input), it crashes when recieved X11 error. As far as I know, gdk_x_error handler doesn't know about request introduced an error and X11 protocol doesn't provide requests in which security context we are, so I stucked with ideas how to fix...
Steps to reproduce
< sure that "gtk-error-bell" option is true (by default) >
xauth -f /tmp/Xu generate :0 . untrusted
XAUTHORITY="/tmp/Xu" mousepad // any application has text inputs
< focus in empty textarea, press BS >
Version information
GTK+ 3.24.26, GTK+ 2.24.32 (reproduced in both versions)
Gentoo Linux
Warnings
(mousepad:14731): Gdk-ERROR **: 03:10:38.418: The program 'mousepad' received an X Window System error.
This probably reflects a bug in the program.
The error was 'BadAccess (attempt to access private resource denied)'.
(Details: serial 1117 error_code 10 request_code 104 (core protocol) minor_code 0)
(Note to programmers: normally, X errors are reported asynchronously;
that is, you will receive the error a while after causing it.
To debug your program, run it with the GDK_SYNCHRONIZE environment
variable to change this behavior. You can then get a meaningful
backtrace from your debugger if you break on the gdk_x_error() function.)
Backtrace
#0 _g_log_abort (breakpoint=1) at ../glib-2.66.7/glib/gmessages.c:554
#1 0x00007fd166435f2c in g_log_writer_default (log_level=6,
log_level@entry=G_LOG_LEVEL_ERROR, fields=fields@entry=0x7ffd4733afb0, n_fields=n_fields@entry=6, user_data=user_data@entry=0x0)
at ../glib-2.66.7/glib/gmessages.c:2694
#2 0x00007fd166434177 in g_log_structured_array
(n_fields=6, fields=0x7ffd4733afb0, log_level=G_LOG_LEVEL_ERROR)
at ../glib-2.66.7/glib/gmessages.c:1925
#3 g_log_structured_array
(log_level=G_LOG_LEVEL_ERROR, fields=0x7ffd4733afb0, n_fields=6)
at ../glib-2.66.7/glib/gmessages.c:1898
#4 0x00007fd166434bb8 in g_log_structured_standard
(log_domain=log_domain@entry=0x7fd166815017 "Gdk", log_level=log_level@entry=G_LOG_LEVEL_ERROR, file=file@entry=0x7fd166833f68 "/var/tmp/portage/x11-libs/gtk+-3.24.26/work/gtk+-3.24.26/gdk/x11/gdkdisplay-x11.c", line=line@entry=0x7fd1668339b7 "2763", func=func@entry=0x7fd166834690 <__func__.79610> "_gdk_x11_display_error_event", message_format=message_format@entry=0x7fd1668349e6 "%s")
at ../glib-2.66.7/glib/gmessages.c:1982
#5 0x00007fd1667f58ca in _gdk_x11_display_error_event
(display=display@entry=0x5567fbc94110 [GdkX11Display], error=error@entry=0x7ffd4733b620)
at /usr/src/debug/x11-libs/gtk+-3.24.26/gtk+-3.24.26/gdk/x11/gdkdisplay-x11.c:2763
#6 0x00007fd166802733 in gdk_x_error (error=0x7ffd4733b620, xdisplay=0x5567fbc85d00) at /usr/src/debug/x11-libs/gtk+-3.24.26/gtk+-3.24.26/gdk/x11/gdkmain-x11.c:307
#7 gdk_x_error (xdisplay=0x5567fbc85d00, error=0x7ffd4733b620) at /usr/src/debug/x11-libs/gtk+-3.24.26/gtk+-3.24.26/gdk/x11/gdkmain-x11.c:269
#8 0x00007fd165ce5107 in _XError (dpy=dpy@entry=0x5567fbc85d00, rep=rep@entry=0x5567fc5d0680) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/XlibInt.c:1503
#9 0x00007fd165ce1db7 in handle_error (dpy=0x5567fbc85d00, err=0x5567fc5d0680, in_XReply=<optimized out>) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/xcb_io.c:207
#10 0x00007fd165ce1e55 in handle_response (dpy=dpy@entry=0x5567fbc85d00, response=0x5567fc5d0680, in_XReply=in_XReply@entry=1) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/xcb_io.c:394
#11 0x00007fd165ce2ead in _XReply (dpy=dpy@entry=0x5567fbc85d00, rep=rep@entry=0x7ffd4733b7e0, extra=extra@entry=0, discard=discard@entry=1) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/xcb_io.c:718
#12 0x00007fd165cde2cd in XSync (dpy=0x5567fbc85d00, discard=discard@entry=0) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/Sync.c:44
#13 0x00007fd165cde36b in _XSyncFunction (dpy=<optimized out>) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/Synchro.c:35
#14 0x00007fd165cbd491 in XBell (dpy=0x5567fbc85d00, percent=0) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/Bell.c:43
#15 0x00007fd165d3a1ca in XkbBell (dpy=<optimized out>, window=<optimized out>, percent=<optimized out>, name=<optimized out>) at /usr/src/debug/x11-libs/libX11-1.7.0/libX11-1.7.0/src/xkb/XKBBell.c:150
#16 0x00007fd166bd9df1 in gtk_widget_error_bell (widget=widget@entry=0x5567fc52a4c0 [MousepadView]) at /usr/src/debug/x11-libs/gtk+-3.24.26/gtk+-3.24.26/gtk/gtkwidget.c:11178
#17 0x00007fd166b7e480 in gtk_text_view_backspace (text_view=0x5567fc52a4c0 [MousepadView]) at /usr/src/debug/x11-libs/gtk+-3.24.26/gtk+-3.24.26/gtk/gtktextview.c:7206
Python Exception <class 'gdb.error'> There is no member named v_pointer.:
Unfortunately, backtrace is incomplete due to GDB bug, but I think that's enough.
Edited by Nekun