From 9ad47a897ed7c64c730e8d0489793bc2ecce228c Mon Sep 17 00:00:00 2001 From: Peter Hutterer Date: Tue, 28 Jun 2016 11:52:39 +1000 Subject: [PATCH] Fix segfault caused by forced indicator update (#1335439) --- ...to-the-xkb-indicator-update-after-a-.patch | 45 +++++++++++++++++++ xorg-x11-server.spec | 6 ++- 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 0001-xkb-add-a-cause-to-the-xkb-indicator-update-after-a-.patch diff --git a/0001-xkb-add-a-cause-to-the-xkb-indicator-update-after-a-.patch b/0001-xkb-add-a-cause-to-the-xkb-indicator-update-after-a-.patch new file mode 100644 index 0000000..388af66 --- /dev/null +++ b/0001-xkb-add-a-cause-to-the-xkb-indicator-update-after-a-.patch @@ -0,0 +1,45 @@ +From ed4f5ebde487bda2b8bda4cb4a1455f41a7c2933 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Tue, 28 Jun 2016 11:42:41 +1000 +Subject: [PATCH xserver] xkb: add a cause to the xkb indicator update after a + keymap change + +Regression introduce by ac164e58870d which calls +XkbUpdateAllDeviceIndicators() with two NULL arguments. A few layers down into +the stack and we triggered a NULL-pointer dereference. In theory a NULL cause +is acceptable since we don't actually change modifier state here. Instead of +updating all places to check for NULL just set the cause to the client +request and go to the pub. + +https://bugs.freedesktop.org/show_bug.cgi?id=96384 + +Signed-off-by: Peter Hutterer +--- + xkb/xkb.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/xkb/xkb.c b/xkb/xkb.c +index 3a6ad65..678f823 100644 +--- a/xkb/xkb.c ++++ b/xkb/xkb.c +@@ -5706,6 +5706,7 @@ ProcXkbGetKbdByName(ClientPtr client) + xkbGetGeometryReply grep = { 0 }; + XkbComponentNamesRec names = { 0 }; + XkbDescPtr xkb, new; ++ XkbEventCauseRec cause; + unsigned char *str; + char mapFile[PATH_MAX]; + unsigned len; +@@ -6016,7 +6017,8 @@ ProcXkbGetKbdByName(ClientPtr client) + new = NULL; + } + XkbFreeComponentNames(&names, FALSE); +- XkbUpdateAllDeviceIndicators(NULL, NULL); ++ XkbSetCauseXkbReq(&cause, X_kbGetKbdByName, client); ++ XkbUpdateAllDeviceIndicators(NULL, &cause); + + return Success; + } +-- +2.7.4 + diff --git a/xorg-x11-server.spec b/xorg-x11-server.spec index c43875a..793ae50 100644 --- a/xorg-x11-server.spec +++ b/xorg-x11-server.spec @@ -45,7 +45,7 @@ Summary: X.Org X11 X server Name: xorg-x11-server Version: 1.18.3 -Release: 6%{?gitdate:.%{gitdate}}%{dist} +Release: 7%{?gitdate:.%{gitdate}}%{dist} URL: http://www.x.org License: MIT Group: User Interface/X @@ -111,6 +111,7 @@ Patch10003: 0002-present-Fix-presentation-of-flips-out-of-order.patch # Bug 1047151 - Numlock LED incorrect after keyboard map switch Patch10004: 0001-xkb-after-changing-the-keymap-force-an-indicator-upd.patch +Patch10005: 0001-xkb-add-a-cause-to-the-xkb-indicator-update-after-a-.patch %global moduledir %{_libdir}/xorg/modules %global drimoduledir %{_libdir}/dri @@ -649,6 +650,9 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete %changelog +* Tue Jun 28 2016 Peter Hutterer 1.18.3-7 +- Fix segfault caused by forced indicator update (#1335439) + * Fri Jun 17 2016 Hans de Goede - 1.18.3-6 - Add switchable-graphics / prime fixes from f24 branch - Add some more switchable-graphics / prime fixes from upstream