[xsrc/netbsd-8]: xsrc/external/mit Pull up following revision(s) (requested b...

To: source-changes-hg%NetBSD.org@localhost
Subject: [xsrc/netbsd-8]: xsrc/external/mit Pull up following revision(s) (requested b...
From: martin <martin%NetBSD.org@localhost>
Date: Tue, 14 Feb 2023 16:26:30 +0000

details:   https://anonhg.NetBSD.org/xsrc/rev/5d6bb879f95c
branches:  netbsd-8
changeset: 7422:5d6bb879f95c
user:      martin <martin%NetBSD.org@localhost>
date:      Tue Feb 14 15:54:26 2023 +0000

description:
Pull up following revision(s) (requested by mrg in ticket #1797):

        external/mit/xorg-server.old/dist/Xi/exevents.c: revision 1.2
        external/mit/xorg-server/dist/Xi/exevents.c     (apply patch)

pullover fix from xorg-server 21.1.7:
  https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec

Xi: fix potential use-after-free in DeepCopyPointerClasses
CVE-2023-0494, ZDI-CAN-19596

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Peter Hutterer's avatarPeter Hutterer <peter.hutterer%who-t.net@localhost>

diffstat:

 external/mit/xorg-server.old/dist/Xi/exevents.c |  4 +++-
 external/mit/xorg-server/dist/Xi/exevents.c     |  5 +++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diffs (31 lines):

diff -r a0626200bc3d -r 5d6bb879f95c external/mit/xorg-server.old/dist/Xi/exevents.c
--- a/external/mit/xorg-server.old/dist/Xi/exevents.c   Mon Jan 23 13:33:04 2023 +0000
+++ b/external/mit/xorg-server.old/dist/Xi/exevents.c   Tue Feb 14 15:54:26 2023 +0000
@@ -586,8 +586,10 @@
             }
             memcpy(to->button->xkb_acts, from->button->xkb_acts,
                     sizeof(XkbAction));
-        } else
+        } else {
             free(to->button->xkb_acts);
+            to->button->xkb_acts = NULL;
+       }
 
          memcpy(to->button->labels, from->button->labels,
                 from->button->numButtons * sizeof(Atom));
diff -r a0626200bc3d -r 5d6bb879f95c external/mit/xorg-server/dist/Xi/exevents.c
--- a/external/mit/xorg-server/dist/Xi/exevents.c       Mon Jan 23 13:33:04 2023 +0000
+++ b/external/mit/xorg-server/dist/Xi/exevents.c       Tue Feb 14 15:54:26 2023 +0000
@@ -574,9 +574,10 @@
             }
             memcpy(to->button->xkb_acts, from->button->xkb_acts,
                    sizeof(XkbAction));
-        }
-        else
+        } else {
             free(to->button->xkb_acts);
+            to->button->xkb_acts = NULL;
+       }
 
         memcpy(to->button->labels, from->button->labels,
                from->button->numButtons * sizeof(Atom));

Prev by Date: [src/trunk]: src/sys/dev/wscons add flags for drivers to requesr R2L bit/byte...
Next by Date: [xsrc/netbsd-9]: xsrc/external/mit Pull up following revision(s) (requested b...
Previous by Thread: [src/trunk]: src/sys/dev/wscons add flags for drivers to requesr R2L bit/byte...
Next by Thread: [xsrc/netbsd-9]: xsrc/external/mit Pull up following revision(s) (requested b...
Indexes:

Home | Main Index | Thread Index | Old Index