Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[xsrc/netbsd-10]: xsrc/external/mit/xorg-server.old/dist/Xi Pull up following...



details:   https://anonhg.NetBSD.org/xsrc/rev/9c276cc348c5
branches:  netbsd-10
changeset: 7421:9c276cc348c5
user:      martin <martin%NetBSD.org@localhost>
date:      Wed Feb 08 17:13:59 2023 +0000

description:
Pull up following revision(s) (requested by mrg in ticket #73):

        external/mit/xorg-server.old/dist/Xi/exevents.c: revision 1.2

pullover fix from xorg-server 21.1.7:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec

Xi: fix potential use-after-free in DeepCopyPointerClasses
CVE-2023-0494, ZDI-CAN-19596

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Peter Hutterer's avatarPeter Hutterer <peter.hutterer%who-t.net@localhost>

diffstat:

 external/mit/xorg-server.old/dist/Xi/exevents.c |  4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diffs (15 lines):

diff -r 239f61746010 -r 9c276cc348c5 external/mit/xorg-server.old/dist/Xi/exevents.c
--- a/external/mit/xorg-server.old/dist/Xi/exevents.c   Wed Feb 08 17:09:26 2023 +0000
+++ b/external/mit/xorg-server.old/dist/Xi/exevents.c   Wed Feb 08 17:13:59 2023 +0000
@@ -586,8 +586,10 @@
             }
             memcpy(to->button->xkb_acts, from->button->xkb_acts,
                     sizeof(XkbAction));
-        } else
+        } else {
             free(to->button->xkb_acts);
+            to->button->xkb_acts = NULL;
+       }
 
          memcpy(to->button->labels, from->button->labels,
                 from->button->numButtons * sizeof(Atom));



Home | Main Index | Thread Index | Old Index