Fix write to uninitialized bytes for XCB event
authorScott Kostyshak <skostysh@lyx.org>
Wed, 19 Feb 2020 02:39:18 +0000 (21:39 -0500)
committerScott Kostyshak <skostysh@lyx.org>
Wed, 19 Feb 2020 14:48:54 +0000 (09:48 -0500)
As the xcb_send_event man page [1] states,

  In order to properly initialize these bytes, we allocate 32 bytes
  even though we only need less for an xcb_configure_notify_event_t

This commit fixes the following Valgrind error, which could be
triggered by selecting a letter in LyX:

  ==12698== Syscall param writev(vector[...]) points to uninitialised byte(s)
  ==12698==    at 0x61F578D: __writev (writev.c:26)
  ==12698==    by 0x61F578D: writev (writev.c:24)
  ==12698==    by 0x4A83BFC: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
  ==12698==    by 0x4A83FD0: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
  ==12698==    by 0x4A84246: ??? (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
  ==12698==    by 0x4A84ACB: xcb_flush (in /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0)
  ==12698==    by 0x17C8F06: lyx::frontend::GuiApplication::nativeEventFilter(QByteArray const&, void*, long*) (GuiApplication.cpp:3366)
  ==12698==    by 0x5AA4EEE: QAbstractEventDispatcher::filterNativeEvent(QByteArray const&, void*, long*) (qabstracteventdispatcher.cpp:484)

[1] https://www.x.org/releases/current/doc/man/man3/xcb_send_event.3.xhtml

src/frontends/qt/GuiApplication.cpp

index 8fdd9bf99d1ecec2080c8a314ee6b799d034c512..2cdd5f6e3b37134ad1c96a0a1f751fc23e5d09fb 100644 (file)
@@ -3352,18 +3352,26 @@ bool GuiApplication::nativeEventFilter(const QByteArray & eventType,
                                // not doing that, maybe because of our
                                // "persistent selection" implementation
                                // (see comments in GuiSelection.cpp).
-                               xcb_selection_notify_event_t nev;
-                               nev.response_type = XCB_SELECTION_NOTIFY;
-                               nev.requestor = srev->requestor;
-                               nev.selection = srev->selection;
-                               nev.target = srev->target;
-                               nev.property = XCB_NONE;
-                               nev.time = XCB_CURRENT_TIME;
+
+                               // It is expected that every X11 event is 32 bytes long,
+                               // even if not all 32 bytes are needed. See:
+                               // https://www.x.org/releases/current/doc/man/man3/xcb_send_event.3.xhtml
+                               // TODO switch to Q_DECLARE_XCB_EVENT(event, xcb_selection_notify_event_t)
+                               //      once we require qt >= 5.6.3 or just copy the macro def.
+                               xcb_selection_notify_event_t *nev = (xcb_selection_notify_event_t*) calloc(32, 1);
+
+                               nev->response_type = XCB_SELECTION_NOTIFY;
+                               nev->requestor = srev->requestor;
+                               nev->selection = srev->selection;
+                               nev->target = srev->target;
+                               nev->property = XCB_NONE;
+                               nev->time = XCB_CURRENT_TIME;
                                xcb_connection_t * con = QX11Info::connection();
                                xcb_send_event(con, 0, srev->requestor,
                                        XCB_EVENT_MASK_NO_EVENT,
-                                       reinterpret_cast<char const *>(&nev));
+                                       reinterpret_cast<char const *>(nev));
                                xcb_flush(con);
+                               free(nev);
 #endif
                                return true;
                        }
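Review bot: The result of `calloc(32, 1)` is dereferenced at `nev->response_type` without a null check, so an allocation failure inside this event filter becomes a write through a null pointer. Because the buffer is a fixed 32 bytes, a zero-filled union on the stack removes both the failure path and the `free(nev)`, while still guaranteeing that every byte handed to `xcb_send_event` is initialised and owned by this frame; this is, as far as I recall, what the macro named in the TODO does. A `static_assert(sizeof(xcb_selection_notify_event_t) <= 32, "X11 events are 32 bytes")` beside it would pin the assumption behind the literal 32. The body of nativeEventFilter starts and ends outside this hunk.

```cpp
// Zero-filled 32-byte event buffer on the stack: nothing to allocate, nothing to free.
union {
	xcb_selection_notify_event_t ev;
	char padding[32];
} padded;
memset(&padded, 0, sizeof(padded));
xcb_selection_notify_event_t * nev = &padded.ev;
// … unchanged: nev-> field assignments, QX11Info::connection() …
xcb_send_event(con, 0, srev->requestor,
	XCB_EVENT_MASK_NO_EVENT,
	reinterpret_cast<char const *>(&padded));
// … unchanged: xcb_flush(con); the free(nev) line goes away …
```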