rpms/xorg-x11-server/F-9 xserver-1.5.0-more-sanity-checks.patch, NONE, 1.1 xorg-x11-server.spec, 1.345, 1.346
Peter Hutterer
whot at fedoraproject.org
Mon Oct 27 02:27:53 UTC 2008
Author: whot
Update of /cvs/pkgs/rpms/xorg-x11-server/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12727
Modified Files:
xorg-x11-server.spec
Added Files:
xserver-1.5.0-more-sanity-checks.patch
Log Message:
* Mon Oct 27 2008 Peter Hutterer <peter.hutterer at redhat.com> 1.5.2-2
- xserver-1.5.0-more-sanity-checks.patch: more sanity checks to stop vmmouse
from segfaulting the server. #434807
xserver-1.5.0-more-sanity-checks.patch:
--- NEW FILE xserver-1.5.0-more-sanity-checks.patch ---
>From 30c077f228f563e4e1f4115b345577d9fd393b68 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer at redhat.com>
Date: Fri, 24 Oct 2008 15:06:49 +1030
Subject: [PATCH] dix: extra sanity-checks against potential NULL-dereferences. #434807
Two minor code paths could potentially crash the server:
- if scr is NULL, we shouldn't try to dereference it.
- if GPE is called with buttons != 0 but the event is not a
ButtonPress or ButtonRelease, the button mapping may dereference a NULL
pointer.
Admittedly the second should never happen, but better to guard against it.
---
dix/getevents.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/dix/getevents.c b/dix/getevents.c
index 1e0edbf..923744d 100644
--- a/dix/getevents.c
+++ b/dix/getevents.c
@@ -537,6 +537,9 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons,
ScreenPtr scr = miPointerGetScreen(pDev);
/* Sanity checks. */
+ if (!scr)
+ return 0;
+
if (type != MotionNotify && type != ButtonPress && type != ButtonRelease)
return 0;
@@ -548,6 +551,9 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons,
if (!pDev->valuator)
return 0;
+ if (buttons && !pDev->button)
+ return 0;
+
if (!coreOnly && pDev->coreEvents)
num_events = 2;
else
--
1.6.0.3
Index: xorg-x11-server.spec
===================================================================
RCS file: /cvs/pkgs/rpms/xorg-x11-server/F-9/xorg-x11-server.spec,v
retrieving revision 1.345
retrieving revision 1.346
diff -u -r1.345 -r1.346
--- xorg-x11-server.spec 13 Oct 2008 14:26:42 -0000 1.345
+++ xorg-x11-server.spec 27 Oct 2008 02:27:22 -0000 1.346
@@ -19,7 +19,7 @@
Summary: X.Org X11 X server
Name: xorg-x11-server
Version: 1.5.2
-Release: 1%{?dist}
+Release: 2%{?dist}
URL: http://www.x.org
License: MIT
Group: User Interface/X
@@ -56,6 +56,9 @@
Patch5010: xserver-1.5.1-global-backtrace.patch
Patch5011: xserver-1.5.2-mieq-backtrace.patch
+# Bug 434807 quick-fix, stops segfaults.
+Patch5012: xserver-1.5.0-more-sanity-checks.patch
+
%define moduledir %{_libdir}/xorg/modules
%define drimoduledir %{_libdir}/dri
%define sdkdir %{_includedir}/xorg
@@ -460,6 +463,10 @@
%changelog
+* Mon Oct 27 2008 Peter Hutterer <peter.hutterer at redhat.com> 1.5.2-2
+- xserver-1.5.0-more-sanity-checks.patch: more sanity checks to stop vmmouse
+ from segfaulting the server. #434807
+
* Mon Oct 13 2008 Adam Jackson <ajax at redhat.com> 1.5.2-1
- xserver 1.5.2
- xserver-1.5.1-global-backtrace.patch: Make backtracing globally available.
More information about the fedora-extras-commits
mailing list