Module Name: xsrc
Committed By: martin
Date: Wed Feb 8 17:13:59 UTC 2023
Modified Files:
xsrc/external/mit/xorg-server.old/dist/Xi [netbsd-10]: exevents.c
Log Message:
Pull up following revision(s) (requested by mrg in ticket #73):
external/mit/xorg-server.old/dist/Xi/exevents.c: revision 1.2
pullover fix from xorg-server 21.1.7:
https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec
Xi: fix potential use-after-free in DeepCopyPointerClasses
CVE-2023-0494, ZDI-CAN-19596
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer's avatarPeter Hutterer
<peter.hutterer%who-t.net@localhost>
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
xsrc/external/mit/xorg-server.old/dist/Xi/exevents.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: xsrc/external/mit/xorg-server.old/dist/Xi/exevents.c
diff -u xsrc/external/mit/xorg-server.old/dist/Xi/exevents.c:1.1.1.1 xsrc/external/mit/xorg-server.old/dist/Xi/exevents.c:1.1.1.1.6.1
--- xsrc/external/mit/xorg-server.old/dist/Xi/exevents.c:1.1.1.1 Thu Jun 9 09:07:56 2016
+++ xsrc/external/mit/xorg-server.old/dist/Xi/exevents.c Wed Feb 8 17:13:59 2023
@@ -586,8 +586,10 @@ DeepCopyPointerClasses(DeviceIntPtr from
}
memcpy(to->button->xkb_acts, from->button->xkb_acts,
sizeof(XkbAction));
- } else
+ } else {
free(to->button->xkb_acts);
+ to->button->xkb_acts = NULL;
+ }
memcpy(to->button->labels, from->button->labels,
from->button->numButtons * sizeof(Atom));
