DND: Avoid a use-after-free

Cancelling the gesture causes the last_event pointer to become
invalid. Make a copy of the event so we can keep using it
regardless of the gesture state.

diff --git a/gtk/gtkdragsource.c b/gtk/gtkdragsource.c
index 4d9aee1e10ca45c40677239fc0178a8781d8179b..d75ef3c97cf2edd9c6421e159e51eee3ee4f5169 100644 (file)
--- a/gtk/gtkdragsource.c
+++ b/gtk/gtkdragsource.c
@@ -84,17 +84,21 @@ gtk_drag_source_event_cb (GtkWidget *widget,
                                     start_x + offset_x, start_y + offset_y))
         {
           GdkEventSequence *sequence;
-          const GdkEvent *last_event;
+          GdkEvent *last_event;
           guint button;
 
           sequence = gtk_gesture_single_get_current_sequence (GTK_GESTURE_SINGLE (site->drag_gesture));
-          last_event = gtk_gesture_get_last_event (site->drag_gesture, sequence);
-          button = gtk_gesture_single_get_current_button (GTK_GESTURE_SINGLE (site->drag_gesture));
+          last_event = gdk_event_copy (gtk_gesture_get_last_event (site->drag_gesture, sequence));
 
+          button = gtk_gesture_single_get_current_button (GTK_GESTURE_SINGLE (site->drag_gesture));
           gtk_event_controller_reset (GTK_EVENT_CONTROLLER (site->drag_gesture));
+
           gtk_drag_begin_internal (widget, site->image_def, site->target_list,
                                    site->actions, button, last_event,
                                    start_x, start_y);
+
+          gdk_event_free (last_event);
+
           return TRUE;
         }
     }