Fix buggy patch to CVE-2022-46340

This commit is contained in:
Peter Hutterer 2022-12-19 10:18:48 +10:00
parent 75e6f92d0f
commit fc0c7be4e3
2 changed files with 41 additions and 1 deletions

View File

@ -0,0 +1,35 @@
From bb1711b7fba42f2a0c7d1c09beee241a1b2bcc30 Mon Sep 17 00:00:00 2001
From: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon, 19 Dec 2022 10:06:45 +1000
Subject: [PATCH xserver] Xext: fix invalid event type mask in
XTestSwapFakeInput
In commit b320ca0 the mask was inadvertently changed from octal 0177 to
hexadecimal 0x177.
Fixes commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
Xtest: disallow GenericEvents in XTestSwapFakeInput
Found by Stuart Cassoff
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Xext/xtest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Xext/xtest.c b/Xext/xtest.c
index 2985a4ce6e..dde5c4cf9d 100644
--- a/Xext/xtest.c
+++ b/Xext/xtest.c
@@ -502,7 +502,7 @@ XTestSwapFakeInput(ClientPtr client, xReq * req)
nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
- int evtype = ev->u.u.type & 0x177;
+ int evtype = ev->u.u.type & 0177;
/* Swap event */
proc = EventSwapVector[evtype];
/* no swapping proc; invalid event type? */
--
2.38.1

View File

@ -46,7 +46,7 @@
Summary: X.Org X11 X server
Name: xorg-x11-server
Version: 1.20.14
Release: 11%{?gitdate:.%{gitdate}}%{?dist}
Release: 12%{?gitdate:.%{gitdate}}%{?dist}
URL: http://www.x.org
License: MIT
@ -131,6 +131,8 @@ Patch119: 0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch
Patch120: 0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch
# CVE-2022-46283
Patch121: 0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch
# Fix for buggy patch to CVE-2022-46340
Patch122: 0008-Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch
BuildRequires: make
BuildRequires: systemtap-sdt-devel
@ -545,6 +547,9 @@ find %{inst_srcdir}/hw/xfree86 -name \*.c -delete
%changelog
* Mon Dec 19 2022 Peter Hutterer <peter.hutterer@redhat.com> - 1.20.14-12
- Fix buggy patch to CVE-2022-46340
* Wed Dec 14 2022 Peter Hutterer <peter.hutterer@redhat.com> 1.20.14-11
- CVE fix for: CVE-2022-4283, CVE-2022-46340, CVE-2022-46341,
CVE-2022-46342, CVE-2022-46343, CVE-2022-46344