From 78e8666498490ae25349a44f156d0811b30abb70 Mon Sep 17 00:00:00 2001 From: Bernd Busse Date: Wed, 4 Aug 2021 17:32:44 +0200 Subject: [PATCH] core: fix rare double-free when xinerama update fails MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Explicitly set `xinerama_scr_regs` to `NULL` after calling free() to avoid freeing them again. Under normal operation we free the old xinerama screen region list on root screen changes and allocate a new one with the updated regions. On rare occasions — mainly reproducible by changing monitors while DPMS is in standby — updating the region list might fail as for whatever reason the xinerama extension is marked as inactive. This would leave us with an invalid pointer to the already freed region list we would then attempt to free again on the next root screen change. --- src/picom.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/picom.c b/src/picom.c index 7a4943841e..7127fd79aa 100644 --- a/src/picom.c +++ b/src/picom.c @@ -121,6 +121,7 @@ static inline void free_xinerama_info(session_t *ps) { for (int i = 0; i < ps->xinerama_nscrs; ++i) pixman_region32_fini(&ps->xinerama_scr_regs[i]); free(ps->xinerama_scr_regs); + ps->xinerama_scr_regs = NULL; } ps->xinerama_nscrs = 0; }
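Review bot: the added `ps->xinerama_scr_regs = NULL;` in `free_xinerama_info()` is reset inside the guarded block, while the matching `ps->xinerama_nscrs = 0;` is reset unconditionally one line below, so the pointer and its element count are cleared in two different places. Consider moving the pointer reset next to the count reset, after the closing brace, so both fields are always cleared together; the assignment is harmless when the pointer is already NULL. The added line also carries no comment, and the reason it is needed (the region-list update can fail before a new list is allocated, leaving the old pointer dangling until the next root screen change) is recorded only in the commit message. A one-line comment above the assignment would keep a later cleanup from removing it as redundant.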