Crash: SIGSEGV in QString::fromUtf8 during zwp_input_method_context_v1_surrounding_text
Environment
- maliit-keyboard version: 2.3.1-11.fc43
- maliit-framework version: 2.3.0-10.fc43
- Platform: Fedora 43, x86_64, KWin on Wayland
- Qt version: 5.x (libQt5Core.so.5)
Description
maliit-keyboard crashes with signal 11 (SIGSEGV) when processing a surrounding_text event from the Wayland compositor. The crash occurs inside QString::fromUtf8_helper when called from Maliit::Wayland::InputMethodContext::zwp_input_method_context_v1_surrounding_text. This indicates the const char* pointer passed from KWin is null or invalid and is not null-checked before being decoded.
Stack Trace
#0 QUtf8::convertToUnicodeE(QChar*, char const*, int)
#1 QUtf8::convertToUnicode(char const*, int)
#2 QString::fromUtf8_helper(char const*, int)
#3 Maliit::Wayland::InputMethodContext::zwp_input_method_context_v1_surrounding_text(QString const&, unsigned int, unsigned int)
#4 QtWayland::zwp_input_method_context_v1::handle_surrounding_text(...)
#5 ffi_call
#6 wl_closure_invoke
Expected Behavior
The input method should handle null or empty surrounding_text payloads gracefully without crashing.
Actual Behavior
Process segfaults and terminates.
Notes
- Not yet reliably reproducible
- Crash occurred during normal session usage
- Coredump available locally
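As an added illustration of the handling the Description and Expected Behavior sections ask for (not code from maliit or KWin), the following self-contained C++ sketch models a hardened surrounding_text handler: the text pointer may be NULL and the two unsigned arguments are the protocol's cursor and anchor byte offsets, which are validated before anything is decoded. It uses std::string in place of QString, and the names handleSurroundingText, SurroundingText and onCodePointBoundary are hypothetical.

```cpp
#include <string>

// Hypothetical hardened model of zwp_input_method_context_v1.surrounding_text.
// The compositor hands over `text` as a const char* (possibly NULL) plus
// `cursor` and `anchor`, which the protocol defines as byte offsets into
// `text`. The crash in the report decoded `text` with no NULL check; here
// every input is validated before it is used.
struct SurroundingText {
    std::string text;   // UTF-8 payload, empty when the compositor sent NULL
    unsigned cursor;    // validated byte offset
    unsigned anchor;    // validated byte offset
    bool valid;         // false when the event was rejected instead of applied
};

// True when `pos` is 0, the end of the string, or the first byte of a UTF-8
// sequence (i.e. not a 10xxxxxx continuation byte).
static bool onCodePointBoundary(const std::string& s, unsigned pos) {
    if (pos > s.size()) return false;
    if (pos == s.size()) return true;
    return (static_cast<unsigned char>(s[pos]) & 0xC0) != 0x80;
}

SurroundingText handleSurroundingText(const char* text, unsigned cursor, unsigned anchor) {
    SurroundingText st{std::string(), 0, 0, false};
    // A NULL pointer means "no surrounding text": treat it as an empty
    // payload instead of dereferencing it (the SIGSEGV in the report).
    if (text != nullptr)
        st.text = text;
    // Offsets past the end of the payload, or inside a multi-byte sequence,
    // would let later code index out of range or split a character; drop
    // the event rather than apply inconsistent state.
    if (!onCodePointBoundary(st.text, cursor) || !onCodePointBoundary(st.text, anchor))
        return st;
    st.cursor = cursor;
    st.anchor = anchor;
    st.valid = true;
    return st;
}
```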