input/cursor: fix heap-buffer overflow in constraint set_region - sway

commit 34e0cad9acd88ccf18fc24d6917520cfc819abc1
parent 5d13f647f9384e59012c0f829651911564bb5365
Author: Tudor Brindus <me@tbrindus.ca>
Date:   Mon, 25 May 2020 15:20:15 -0400

input/cursor: fix heap-buffer overflow in constraint set_region

Fixes #5383, caused by an oversight in 6f0a0bd.

Diffstat:
M sway/input/cursor.c  | 8 ++++++--

1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/sway/input/cursor.c b/sway/input/cursor.c
@@ -831,8 +831,12 @@ static void handle_constraint_commit(struct wl_listener *listener,
 
 static void handle_pointer_constraint_set_region(struct wl_listener *listener,
 		void *data) {
-	struct sway_cursor *cursor =
-		wl_container_of(listener, cursor, constraint_commit);
+	struct sway_pointer_constraint *sway_constraint =
+		wl_container_of(listener, sway_constraint, set_region);
+	struct wlr_pointer_constraint_v1 *constraint = data;
+	struct sway_seat *seat = constraint->seat->data;
+	struct sway_cursor *cursor = seat->cursor;
+
 	cursor->active_confine_requires_warp = true;
 }

	sway i3-compatible Wayland compositor
	git clone https://git.awy.one/sway
	Log \| Files \| Refs \| README \| LICENSE