From 822705fe3e041f78ff411d58b34fc15689ecee0f Mon Sep 17 00:00:00 2001
From: Alexandr Miloslavskiy <alexandr.miloslavskiy@syntevo.com>
Date: Tue, 17 Dec 2019 12:44:33 +0100
Subject: [PATCH] gkimmulticontext: Fix crash due to leaked signal handler

The problem is caused by gtk_im_multicontext_set_slave(), which forgets
to disconnect these signal handlers:
* gtk_im_multicontext_retrieve_surrounding_cb
* gtk_im_multicontext_delete_surrounding_cb

If slave GtkImContext emits signal after GtkIMMulticontext context is
destroyed, this leads to reading freed memory, sometimes causing a crash.

Fixes: #2365
---
 gtk/gtkimmulticontext.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/gtk/gtkimmulticontext.c b/gtk/gtkimmulticontext.c
index a8700a8c66..ec67254946 100644
--- a/gtk/gtkimmulticontext.c
+++ b/gtk/gtkimmulticontext.c
@@ -193,6 +193,12 @@ gtk_im_multicontext_set_slave (GtkIMMulticontext *multicontext,
       g_signal_handlers_disconnect_by_func (priv->slave,
 					    gtk_im_multicontext_commit_cb,
 					    multicontext);
+      g_signal_handlers_disconnect_by_func (priv->slave,
+					    gtk_im_multicontext_retrieve_surrounding_cb,
+					    multicontext);
+      g_signal_handlers_disconnect_by_func (priv->slave,
+					    gtk_im_multicontext_delete_surrounding_cb,
+					    multicontext);
 
       g_object_unref (priv->slave);
       priv->slave = NULL;