Skip to content

fix(x11): nk_stbi_image_to_xsurf corrupting memory when channels != bpl#954

Open
sleeptightAnsiC wants to merge 1 commit into
Immediate-Mode-UI:masterfrom
sleeptightAnsiC:fix_x11_image_corruption
Open

fix(x11): nk_stbi_image_to_xsurf corrupting memory when channels != bpl#954
sleeptightAnsiC wants to merge 1 commit into
Immediate-Mode-UI:masterfrom
sleeptightAnsiC:fix_x11_image_corruption

Conversation

@sleeptightAnsiC
Copy link
Copy Markdown
Contributor

@sleeptightAnsiC sleeptightAnsiC commented May 5, 2026
edited
Loading

Fixes: #950
Obsoletes: #952

See commit message and linked issues for more info.
This might be totally wrong so turning it into the DRAFT.

cc @TomJGooding , @RobLoach

This was referenced May 5, 2026
Closed
Open
@sleeptightAnsiC
Copy link
Copy Markdown
Contributor Author

sleeptightAnsiC commented May 5, 2026
edited
Loading

Hi @riri ,

I'm pretty sure you're the most acknowledged with all X11/Xlib/XCB-related stuff. Mind taking a look here?

Something in my guts tells me nk_stbi_image_to_xsurf is simply wrong. The things it assumes and tries to do look strange in so many ways... but I kept them all unchanged.

One thing I did for testing was running it under Xephyr like so...

$ Xephyr :2 -screen 1000x1000x16 &
$ DISPLAY=:2 twm &
$ DISPLAY=:2 ./bin/demo

...which affects the result of DefaultDepth() and let's me hit all other branches in this function, but I'm not sure how correct this is.

@sleeptightAnsiC sleeptightAnsiC marked this pull request as draft May 5, 2026 03:58
@sleeptightAnsiC sleeptightAnsiC force-pushed the fix_x11_image_corruption branch from ce780cd to ef4953b Compare May 5, 2026 04:07
TomJGooding
TomJGooding reviewed May 7, 2026
View reviewed changes
Comment thread demo/x11/nuklear_xlib.h Outdated
@sleeptightAnsiC sleeptightAnsiC force-pushed the fix_x11_image_corruption branch from ef4953b to da89463 Compare May 7, 2026 19:23
sleeptightAnsiC
sleeptightAnsiC commented May 7, 2026
View reviewed changes
Comment thread demo/x11/nuklear_xlib.h Outdated
TomJGooding
TomJGooding reviewed May 7, 2026
View reviewed changes
Comment thread demo/x11/nuklear_xlib.h Outdated
@sleeptightAnsiC
Copy link
Copy Markdown
Contributor Author

sleeptightAnsiC commented May 8, 2026
edited
Loading

from #954 (comment) :

Doesn't this inadvertently change the channels value?

Weird... This should pretty much cause the same problem as before, but it did not happen [...]

Fixed in the latest force push, [...] I still can't explain why it didn't corrupt/crash on me the first time, [...] I'm getting paranoid at this point

Just for the record: our version of ./example/stb_image.h is so old, it's still affected by nothings/stb#244. That's why my previous patch did not crash even though it was wrong. I'm not paranoid...

@sleeptightAnsiC sleeptightAnsiC force-pushed the fix_x11_image_corruption branch from da89463 to a398938 Compare May 8, 2026 11:24
@TomJGooding
Copy link
Copy Markdown
Contributor

TomJGooding commented May 9, 2026

Just for the record: our version of ./example/stb_image.h is so old, it's still affected by nothings/stb#244. That's why my previous patch did not crash even though it was wrong. I'm not paranoid...

Ah, that makes sense now - good detective work!

@sleeptightAnsiC @TomJGooding
fix(x11): nk_stbi_image_to_xsurf corrupting memory when channels != bpl
cbf8128 
nk_stbi_image_to_xsurf could corrupt memory when image channels
did not match screen surface depth. I fixed it by checking DefaultDepth
ahead of time and only then calling stbi_load* with previously
calculated channels value. Also exported nk_xsurf_image_free with NK_API

TBH, I have no idea about Xlib and don't know what I'm doing,
and a lot of things in nk_stbi_image_to_xsurf was already questionable.

Fixes: Immediate-Mode-UI#950
Obsoletes: Immediate-Mode-UI#952
Co-authored-by: TomJGooding <101601846+TomJGooding@users.noreply.github.com>
@sleeptightAnsiC sleeptightAnsiC force-pushed the fix_x11_image_corruption branch from a398938 to cbf8128 Compare May 9, 2026 14:09
@sleeptightAnsiC
Copy link
Copy Markdown
Contributor Author

sleeptightAnsiC commented May 9, 2026

Alright, I think that's enough. Turning draft into mergable PR.

It doesn't corrupt mem any more, doesn't crash, doesn't misuse stb_image, doesn't misbehave with different DefaultDepth, doesn't leak upon partial failure, etc... That's more than enough for optional feature in a demo.

Our thought process is well documented here. If someone with proper Xlib knowledge will ever come and see this in the future, they'll know what we did right and/or wrong, and what to do next.

@sleeptightAnsiC sleeptightAnsiC marked this pull request as ready for review May 9, 2026 14:41
@RobLoach
Copy link
Copy Markdown
Contributor

RobLoach commented May 12, 2026

I defer my review to Tom here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@RobLoach RobLoach RobLoach left review comments

+1 more reviewer

@TomJGooding TomJGooding TomJGooding left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Images in X11 backend only works with RGBA

3 participants

@sleeptightAnsiC @TomJGooding @RobLoach