wok-current: xorg-server/stuff/CVE-2024-31082.patch annotate

wok-current annotate xorg-server/stuff/CVE-2024-31082.patch @ rev 25695

Up linux 5.10.214, Patch xorg-server (CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083)

author	Stanislas Leduc <shann@slitaz.org>
date	Thu Apr 04 08:53:51 2024 +0000 (2 months ago)
parents
children

rev	line source
shann@25695	1 From 6c684d035c06fd41c727f0ef0744517580864cef Mon Sep 17 00:00:00 2001
shann@25695	2 From: Alan Coopersmith <alan.coopersmith@oracle.com>
shann@25695	3 Date: Fri, 22 Mar 2024 19:07:34 -0700
shann@25695	4 Subject: [PATCH] Xquartz: ProcAppleDRICreatePixmap needs to use unswapped
shann@25695	5 length to send reply
shann@25695	6
shann@25695	7 CVE-2024-31082
shann@25695	8
shann@25695	9 Fixes: 14205ade0 ("XQuartz: appledri: Fix byte swapping in replies")
shann@25695	10 Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
shann@25695	11 Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
shann@25695	12 ---
shann@25695	13 hw/xquartz/xpr/appledri.c \| 4 +++-
shann@25695	14 1 file changed, 3 insertions(+), 1 deletion(-)
shann@25695	15
shann@25695	16 diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c
shann@25695	17 index 77574655b2..40422b61a9 100644
shann@25695	18 --- a/hw/xquartz/xpr/appledri.c
shann@25695	19 +++ b/hw/xquartz/xpr/appledri.c
shann@25695	20 @@ -272,6 +272,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
shann@25695	21 xAppleDRICreatePixmapReply rep;
shann@25695	22 int width, height, pitch, bpp;
shann@25695	23 void *ptr;
shann@25695	24 + CARD32 stringLength;
shann@25695	25
shann@25695	26 REQUEST_SIZE_MATCH(xAppleDRICreatePixmapReq);
shann@25695	27
shann@25695	28 @@ -307,6 +308,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
shann@25695	29 if (sizeof(rep) != sz_xAppleDRICreatePixmapReply)
shann@25695	30 ErrorF("error sizeof(rep) is %zu\n", sizeof(rep));
shann@25695	31
shann@25695	32 + stringLength = rep.stringLength; /* save unswapped value */
shann@25695	33 if (client->swapped) {
shann@25695	34 swaps(&rep.sequenceNumber);
shann@25695	35 swapl(&rep.length);
shann@25695	36 @@ -319,7 +321,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
shann@25695	37 }
shann@25695	38
shann@25695	39 WriteToClient(client, sizeof(rep), &rep);
shann@25695	40 - WriteToClient(client, rep.stringLength, path);
shann@25695	41 + WriteToClient(client, stringLength, path);
shann@25695	42
shann@25695	43 return Success;
shann@25695	44 }
shann@25695	45 --
shann@25695	46 GitLab
shann@25695	47

SliTaz Repositories

wok-current annotate xorg-server/stuff/CVE-2024-31082.patch @ rev 25695