Home Explore Help
Register Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/x11r7/xserver_xorg-server: add security fix for CVE-2020-14347

Release notes:
https://lists.x.org/archives/xorg-announce/2020-July/003051.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add IGNORE_CVES entry.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8a46f3237a5f3c7cc59130b05b9afd4290a047fb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bernd Kuhls 5 years ago
parent
2823c889fd
commit
37121ec547
2 changed files with 41 additions and 0 deletions
Split View Show Diff Stats
  1. 36 0
      package/x11r7/xserver_xorg-server/1.20.8/0007-fix-for-ZDI-11426.patch
  2. 5 0
      package/x11r7/xserver_xorg-server/xserver_xorg-server.mk

+ 36 - 0
package/x11r7/xserver_xorg-server/1.20.8/0007-fix-for-ZDI-11426.patch
View File 

@@ -0,0 +1,36 @@
 
+From aac28e162e5108510065ad4c323affd6deffd816 Mon Sep 17 00:00:00 2001
 
+From: Matthieu Herrb <matthieu@herrb.eu>
 
+Date: Sat, 25 Jul 2020 19:33:50 +0200
 
+Subject: [PATCH] fix for ZDI-11426
 
+
 
+Avoid leaking un-initalized memory to clients by zeroing the
 
+whole pixmap on initial allocation.
 
+
 
+This vulnerability was discovered by:
 
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
 
+
 
+Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
 
+Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
 
+Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
 
+[downloaded from upstream commit
 
+ https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816]
 
+---
 
+ dix/pixmap.c | 2 +-
 
+ 1 file changed, 1 insertion(+), 1 deletion(-)
 
+
 
+diff --git a/dix/pixmap.c b/dix/pixmap.c
 
+index 1186d7dbbf..5a0146bbb6 100644
 
+--- a/dix/pixmap.c
 
++++ b/dix/pixmap.c
 
+@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
 
+     if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
 
+         return NullPixmap;
 
+ 
+-    pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
 
++    pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
 
+     if (!pPixmap)
 
+         return NullPixmap;
 
+ 
+-- 
+GitLab
 
+

+ 5 - 0
package/x11r7/xserver_xorg-server/xserver_xorg-server.mk
View File 

@@ -38,6 +38,11 @@ XSERVER_XORG_SERVER_DEPENDENCIES = \
 
 	mcookie \
 
 	host-pkgconf
 
 
+ifeq ($(BR2_PACKAGE_XSERVER_XORG_SERVER_V_1_20),y)
 
+# 1.20.8/0007-fix-for-ZDI-11426.patch
 
+XSERVER_XORG_SERVER_IGNORE_CVES += CVE-2020-14347
 
+endif
 
+
 
 # We force -O2 regardless of the optimization level chosen by the
 
 # user, as the X.org server is known to trigger some compiler bugs at
 
 # -Os on several architectures.