Xi: allocate enough XkbActions for our buttons - xorg/xserver - X server (mirrored from https://gitlab.freedesktop.org/xorg/xserver)

diff options

author	Peter Hutterer <peter.hutterer@who-t.net>	2023-11-28 15:19:04 +1000
committer	Peter Hutterer <peter.hutterer@who-t.net>	2023-12-13 10:44:49 +1000
commit	0c1a93d319558fe3ab2d94f51d174b4f93810afd (patch)
tree	ece996df4ccbd99d8e6ef2d0e2fec0a468d921b4 /include
parent	14f480010a93ff962fef66a16412fafff81ad632 (diff)

Xi: allocate enough XkbActions for our buttons

button->xkb_acts is supposed to be an array sufficiently large for all our buttons, not just a single XkbActions struct. Allocating insufficient memory here means when we memcpy() later in XkbSetDeviceInfo we write into memory that wasn't ours to begin with, leading to the usual security ooopsiedaisies. CVE-2023-6377, ZDI-CAN-22412, ZDI-CAN-22413 This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Diffstat (limited to 'include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: