jcgruenhage/void-packages
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

xorg-server: backport fix for use after free after switch VT

Browse source 
See: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1067
This commit is contained in:
Đoàn Trần Công Danh 2020-09-09 22:59:17 +07:00
parent 5fdd01f5d8
commit 06ff7e7448
2 changed files with 31 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
srcpkgs/xorg-server/patches/fix-use-after-free-after-switch-vt.patch Normal file
View file

@ -0,0 +1,30 @@
From 919f1f46fc67dae93b2b3f278fcbfc77af34ec58 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michel=20D=C3=A4nzer?= <mdaenzer@redhat.com>
Date: Mon, 31 Aug 2020 12:10:43 +0200
Subject: [PATCH] xfree86: Take second reference for SavedCursor in
xf86CursorSetCursor
The same pointer is kept in CurrentCursor as well, therefore two
RefCursor calls are needed.
Fixes use-after-free after switching VTs.
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1067
---
hw/xfree86/ramdac/xf86CursorRD.c | 3 +++
1 file changed, 3 insertions(+)
diff --git hw/xfree86/ramdac/xf86CursorRD.c hw/xfree86/ramdac/xf86CursorRD.c
index 9aa3de97bd..c8362d1690 100644
--- hw/xfree86/ramdac/xf86CursorRD.c
+++ hw/xfree86/ramdac/xf86CursorRD.c
@@ -334,6 +334,9 @@ xf86CursorSetCursor(DeviceIntPtr pDev, ScreenPtr pScreen, CursorPtr pCurs,
ScreenPriv->HotY = cursor->bits->yhot;
if (!infoPtr->pScrn->vtSema) {
+ cursor = RefCursor(cursor);
+ if (ScreenPriv->SavedCursor)
+ FreeCursor(ScreenPriv->SavedCursor, None);
ScreenPriv->SavedCursor = cursor;
return;
}

4
srcpkgs/xorg-server/template
View file

@ -1,7 +1,7 @@
# Template file for 'xorg-server'
pkgname=xorg-server
version=1.20.9
revision=1
revision=2
build_style=meson
configure_args="-Dipv6=true -Dxorg=true -Dxnest=true -Dxephyr=true
-Dxvfb=true -Dhal=false -Dudev=true -Dxkb_dir=/usr/share/X11/xkb
@ -30,8 +30,6 @@ lib32disabled=yes
provides="xserver-abi-extension-10_1 xserver-abi-input-24_1
xserver-abi-video-24_1 xf86-video-modesetting-1_1"
replaces="xf86-video-modesetting>=0 glamor-egl>=0"
subpackages="xorg-server-devel xorg-server-xdmx xorg-server-xephyr
xorg-server-xnest xorg-server-xvfb xorg-server-xwayland"
conf_files="/etc/X11/Xwrapper.config"
build_options="elogind"