Bug 330671 - Too long window titles make the title stick (buffer overflow?)
Status: RESOLVED FIXED
Product: metacity
Classification: Other
Component: general
Version: trunk
Hardware: Other All
Importance: Normal minor
Target Milestone: ---
Assigned To: Metacity maintainers list
QA Contact: Metacity maintainers list
Duplicates: 332289 336058 343139 348620
Depends on:
Blocks:
Reported: 2006-02-10 13:57 UTC by Mikael Nilsson
Modified: 2006-09-18 02:48 UTC
See Also:
GNOME target: ---
GNOME version: 2.13/2.14



Description Mikael Nilsson 2006-02-10 13:57:10 UTC
Please describe the problem:
If a window gets a too long title, the corresponding button in the window list
can no longer change title.

Steps to reproduce:
1. Open Firefox
2. Go to somewhere with a long title, such as

http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=There%20goes%20my%20bandwidth%2C%20d%27oh.%20But%20until%20then%3A1%29%20Errr%20not%20just%20Vietnam%2C%20click%20the%20countries%20at%20the%20top%21%20Nepal%20and%20Cambodia%20have%20some%20personal%20faves.2%29%20Errr%20not%20holophonic%2C%20just%20near-binaural.%20Sounds%20like%20OK%20stereo%20on%20speakers.%20Pretty%20good%20immersive%20binaural%20with%20good%20headphones%20%28ear-canal%20phones%20like%20Etymotic%20ER4s%20or%20ER6s%20or%20the%20new%20Shures%20are%20best%29%20but%20not%20as%20good%20%28not%20as%203D%29%20as%20true%20binaural%20%28which%20incidentally%20tends%20to%20sound%20crappy%20on%20normal%20speakers%21%29.%20Details%20in%20%22links/resources%223%29%20Click%20on%20the%20flag%20graphic%20and%20send%20me%20some%20local%20color%2C%20kids.4%29%20In%20%22discography%22%20you%20can%20hear%20what%20I%20actually%20DO%20with%20these%20recordings.%20First%20track%20of%20Vox%20Americana%20is%20a%20popular%20choice.%20Latest%20album%20%28Kagbeni%20Variations%29%20is%20dear%20to%20my%20heart%20but%20YMMV%2C%20it%27s%20kind%20of%20difficult%20listening%20if%20you%27re%20not%20into%20this%20kind%20of%20thing.Btw%20site%20is%20not%20meant%20to%20be%20a%20showcase%20for%20the%20recording%20technique%2C%20the%20best%20thing%20about%20that%20%28the%20technique%29%20is%20that%20you%20put%20a%20kit%20together%20to%20do%20this%20for%20%3C%20US%24325%20these%20days%20that%20will%20sound%20probably%20BETTER%20than%20a%20lot%20of%20my%20recordings.%20Good%20pair%20of%20lav%20mics%20%28Shure%20WL183s%20are%20hot%29%20-%3E%20HiMD%20for%20uncompressed%2016/44%20with%20homemade%20windscreen%20is%20a%20good%20bet./aaron

3. See that the title is looong.
4. Go to www.google.com



Actual results:
The Firefox window has title "Google - Firefox (Build blabla)", while the title
of the corresponding window list button is still the same as before.

Expected results:
The title in the window list should continue to follow the title of the window.

Does this happen every time?
Yes

Other information:
I'm using debian unstable, up-to-date.

Also, everything works, no crash. 

However, this *feels* like a potential buffer overflow, and therefore
potentially a security bug !?!

Let me know if I can help.

/Mikael
Comment 1 Mikael Nilsson 2006-02-10 14:06:55 UTC
Seems like a dup of bug #322544.

Please note that metacity displays the right title throughout my testing (i.e. does *not* stick), so it seems the right X properties are set etc. Doesn't it seem like a GNOME bug if Metacity displays one title, and the Window list another?

And also, how can a (hypothetical) bug in Firefox lead to the title in the window list sticking? Shouldn't the window list sanitize its input?

I'd say that bug #322544 needs to be reopened...

/Mikael
Comment 2 Vincent Untz 2006-02-12 11:42:41 UTC
Moving to libwnck. I can not reproduce.
Elijah: do you know if metacity and libwnck are using the same property to get the window title? I guess yes...
Comment 3 Vincent Untz 2006-03-07 07:58:13 UTC
*** Bug 332289 has been marked as a duplicate of this bug. ***
Comment 4 Vincent Untz 2006-03-07 08:00:46 UTC
I can't reproduce with cvs HEAD and firefox 1.5.0.1... Does it still happen for someone?
Comment 5 Mikael Nilsson 2006-03-07 08:04:15 UTC
I will test this as soon as GNOME 2.14 hits debian unstable (shouldn't be too long after the release).

/Mikael
Comment 6 Elijah Newren 2006-03-07 17:00:55 UTC
I was able to duplicate about a week ago (using Mozilla); unfortunately, I didn't have much time to look into it and still don't (http://mail.gnome.org/archives/release-team/2005-December/msg00059.html).  I'll try to take a look before 2.14.1, but it may be 2.14.2 before I can get to it.  Ping me in April if I forget...
Comment 7 Sergej Kotliar 2006-03-26 14:23:55 UTC
*** Bug 336058 has been marked as a duplicate of this bug. ***
Comment 8 Sergej Kotliar 2006-03-26 14:26:30 UTC
Confirming bug due to many dups. 
I get it myself, on GNOME 2.12 with Firefox 1.5.
According to the dupe I just added to this bug, it is also seen in 2.14, so changing the version field to 2.14.
Comment 9 Trever Adams 2006-05-04 22:47:32 UTC
I just closed a bug report for Fedora Core based on this bug and many/most emails in http://lists.samba.org/archive/samba-cvs/2006-May/thread.html causing the problem in the past. It seems to be fixed now as of libwnck RPM package below. I have been trying to duplicate it for about a week now; I have been unable to do so with all the methods that used to work. I hope someone will close it as I believe it is fixed (I have seen it for about 2 years, now I cannot reproduce it).

libwnck-2.14.1-1.fc5.1
Comment 10 Elijah Newren 2006-05-04 23:05:02 UTC
I can still duplicate with the steps given in the original comment of this bug report using CVS HEAD as of today (basically 2.15.0, but there's been no significant change since 2.14.1), so the problem's still there...
Comment 11 Elijah Newren 2006-05-05 01:09:19 UTC
Turns out this is a metacity bug (metacity doesn't clear _NET_WM_VISIBLE_NAME when
it gets a new window title that isn't too long).  I just fixed it in CVS, though.

2006-04-25  Elijah Newren  <newren gmail com>

	Clear _NET_WM_VISIBLE_NAME (and the ICON_ equivalent) when no
	longer being used.  Fixes #330671.

	* src/window.[ch] (struct MetaWindow): new
	using_net_wm_visible_name and using_net_wm_visible_icon_name bits,
	(meta_window_new_with_attrs): initialize these new bits to false
	
	* src/window-props.c (set_title_text, set_window_title, set_icon_title):
	if the _NET_WM_VISIBLE_(ICON_)NAME property was previously set but
	doesn't need to be this time, make sure to clear it
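
The stale-property behaviour described in comment 11, modelled as an added example (not metacity's or libwnck's code, and not part of the original comment). The struct, the function names, the 16-character limit and the pager's preference for the visible name are assumptions made for the illustration; the long title is handled by bounded truncation, so the symptom is stale state rather than an overflow.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#define MAX_TITLE 16             /* constructed limit, for the demo only */

/* Hypothetical stand-in for one window's title properties. */
struct win {
    char name[256];              /* _NET_WM_NAME, set by the client */
    char visible[MAX_TITLE + 1]; /* _NET_WM_VISIBLE_NAME, set by the WM */
    bool has_visible;            /* the property exists on the window */
    bool using_visible;          /* WM-side bit, named after the ChangeLog */
};

/* WM reaction to a title change; clear_stale=false is the reported behaviour, true the fix. */
void wm_set_title(struct win *w, const char *title, bool clear_stale)
{
    snprintf(w->name, sizeof w->name, "%s", title);
    if (strlen(title) > MAX_TITLE) {
        /* Bounded copy: the title is truncated, never written past the buffer. */
        snprintf(w->visible, sizeof w->visible, "%s", title);
        w->has_visible = true;
        w->using_visible = true;
    } else if (clear_stale && w->using_visible) {
        w->has_visible = false;  /* delete the property */
        w->using_visible = false;
    }
}

/* Pager-style reader (assumption): prefers the WM's visible name when present. */
const char *pager_title(const struct win *w)
{
    return w->has_visible ? w->visible : w->name;
}

/* Title a pager shows after a long title is followed by a short one. */
const char *replay(struct win *w, bool clear_stale)
{
    memset(w, 0, sizeof *w);
    wm_set_title(w, "A very long page title that exceeds the limit", clear_stale);
    wm_set_title(w, "Google", clear_stale);
    return pager_title(w);
}

int main(void)
{
    struct win w;
    printf("before fix: %s\n", replay(&w, false));
    printf("after fix:  %s\n", replay(&w, true));
    return 0;
}
```
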
Comment 12 Sergej Kotliar 2006-05-28 10:42:45 UTC
*** Bug 343139 has been marked as a duplicate of this bug. ***
Comment 13 Sergej Kotliar 2006-07-25 10:39:55 UTC
*** Bug 348620 has been marked as a duplicate of this bug. ***