blob: d1a62147934bdb9dbf33a89391fae95c903b2357 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
From 37539cb0bfe4ed96d4499bf371e6b1a474a740fe Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Thu, 21 Dec 2023 14:10:11 +1000
Subject: [PATCH] Xi: require a pointer and keyboard device for
XIAttachToMaster
If we remove a master device and specify which other master devices
attached slaves should be returned to, enforce that those two are
indeeed a pointer and a keyboard.
Otherwise we can try to attach the keyboards to pointers and vice versa,
leading to possible crashes later.
Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/37539cb0bfe4ed96d4499bf371e6b1a474a740fe]
CVE: CVE-2024-0229
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
Xi/xichangehierarchy.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Xi/xichangehierarchy.c b/Xi/xichangehierarchy.c
index 504defe566..d2d985848d 100644
--- a/Xi/xichangehierarchy.c
+++ b/Xi/xichangehierarchy.c
@@ -270,7 +270,7 @@ remove_master(ClientPtr client, xXIRemoveMasterInfo * r, int flags[MAXDEVICES])
if (rc != Success)
goto unwind;
- if (!IsMaster(newptr)) {
+ if (!IsMaster(newptr) || !IsPointerDevice(newptr)) {
client->errorValue = r->return_pointer;
rc = BadDevice;
goto unwind;
@@ -281,7 +281,7 @@ remove_master(ClientPtr client, xXIRemoveMasterInfo * r, int flags[MAXDEVICES])
if (rc != Success)
goto unwind;
- if (!IsMaster(newkeybd)) {
+ if (!IsMaster(newkeybd) || !IsKeyboardDevice(newkeybd)) {
client->errorValue = r->return_keyboard;
rc = BadDevice;
goto unwind;
--
GitLab
|
