summary refs log tree commit diff
path: root/pkgs/servers/x11
diff options
context:
space:
mode:
authorVladimír Čunát <vcunat@gmail.com>2013-04-24 06:29:09 +0000
committerVladimír Čunát <vcunat@gmail.com>2013-04-24 06:29:09 +0000
commitbde20f3e881049c9d019eb34c07d6194b20b0042 (patch)
treef24782e55ca68a214d0fe7585097d97a6aa687dd /pkgs/servers/x11
parent6a29a56c1277d80aa65e063f34a179c847e6d8b4 (diff)
parent50d66b945ee5aceae2bbf2eb791487e18ac9d374 (diff)
downloadnixlib-bde20f3e881049c9d019eb34c07d6194b20b0042.tar
nixlib-bde20f3e881049c9d019eb34c07d6194b20b0042.tar.gz
nixlib-bde20f3e881049c9d019eb34c07d6194b20b0042.tar.bz2
nixlib-bde20f3e881049c9d019eb34c07d6194b20b0042.tar.lz
nixlib-bde20f3e881049c9d019eb34c07d6194b20b0042.tar.xz
nixlib-bde20f3e881049c9d019eb34c07d6194b20b0042.tar.zst
nixlib-bde20f3e881049c9d019eb34c07d6194b20b0042.zip
Merge branch 'master' into x-updates
Conflicts (just taken x-updates):
	pkgs/servers/x11/xorg/overrides.nix
Diffstat (limited to 'pkgs/servers/x11')
-rw-r--r--pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch34
1 files changed, 34 insertions, 0 deletions
diff --git a/pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch b/pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch
new file mode 100644
index 000000000000..d85494f90293
--- /dev/null
+++ b/pkgs/servers/x11/xorg/xorgserver12-CVE-1940.patch
@@ -0,0 +1,34 @@
+From 6ca03b9161d33b1d2b55a3a1a913cf88deb2343f Mon Sep 17 00:00:00 2001
+From: Dave Airlie <airlied@gmail.com>
+Date: Wed, 10 Apr 2013 06:09:01 +0000
+Subject: xf86: fix flush input to work with Linux evdev devices.
+
+So when we VT switch back and attempt to flush the input devices,
+we don't succeed because evdev won't return part of an event,
+since we were only asking for 4 bytes, we'd only get -EINVAL back.
+
+This could later cause events to be flushed that we shouldn't have
+gotten.
+
+This is a fix for CVE-2013-1940.
+
+Signed-off-by: Dave Airlie <airlied@redhat.com>
+Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
+Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+---
+diff --git a/hw/xfree86/os-support/shared/posix_tty.c b/hw/xfree86/os-support/shared/posix_tty.c
+index ab3757a..4d08c1e 100644
+--- a/hw/xfree86/os-support/shared/posix_tty.c
++++ b/hw/xfree86/os-support/shared/posix_tty.c
+@@ -421,7 +421,8 @@ xf86FlushInput(int fd)
+ {
+     fd_set fds;
+     struct timeval timeout;
+-    char c[4];
++    /* this needs to be big enough to flush an evdev event. */
++    char c[256];
+ 
+     DebugF("FlushingSerial\n");
+     if (tcflush(fd, TCIFLUSH) == 0)
+--
+cgit v0.9.0.2-2-gbebe