packages/libX11
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2022-3554

Browse Source
This commit is contained in:
zhouwenpei 2022-10-24 19:10:59 +08:00
parent 19a056baf9
commit b166000754
2 changed files with 61 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
backport-CVE-2022-3554.patch Normal file
View File

@ -0,0 +1,56 @@
From 1d11822601fd24a396b354fa616b04ed3df8b4ef Mon Sep 17 00:00:00 2001
From: "Thomas E. Dickey" <dickey@invisible-island.net>
Date: Tue, 4 Oct 2022 18:26:17 -0400
Subject: [PATCH] fix a memory leak in XRegisterIMInstantiateCallback
Analysis:
_XimRegisterIMInstantiateCallback() opens an XIM and closes it using
the internal function pointers, but the internal close function does
not free the pointer to the XIM (this would be done in XCloseIM()).
Report/patch:
Date: Mon, 03 Oct 2022 18:47:32 +0800
From: Po Lu <luangruo@yahoo.com>
To: xorg-devel@lists.x.org
Subject: Re: Yet another leak in Xlib
For reference, here's how I'm calling XRegisterIMInstantiateCallback:
XSetLocaleModifiers ("");
XRegisterIMInstantiateCallback (compositor.display,
XrmGetDatabase (compositor.display),
(char *) compositor.resource_name,
(char *) compositor.app_name,
IMInstantiateCallback, NULL);
and XMODIFIERS is:
@im=ibus
Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net>
Conflict:NA
Reference:https://cgit.freedesktop.org/xorg/lib/libX11/commit/?id=1d11822601fd24a396b354fa616b04ed3df8b4ef
---
modules/im/ximcp/imInsClbk.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/modules/im/ximcp/imInsClbk.c b/modules/im/ximcp/imInsClbk.c
index 95b379cb..c10e347f 100644
--- a/modules/im/ximcp/imInsClbk.c
+++ b/modules/im/ximcp/imInsClbk.c
@@ -212,6 +212,9 @@ _XimRegisterIMInstantiateCallback(
if( xim ) {
lock = True;
xim->methods->close( (XIM)xim );
+ /* XIMs must be freed manually after being opened; close just
+ does the protocol to deinitialize the IM. */
+ XFree( xim );
lock = False;
icb->call = True;
callback( display, client_data, NULL );
--
2.27.0

6
libX11.spec
View File

@ -1,12 +1,13 @@
Name: libX11 Name: libX11
Version: 1.8.1 Version: 1.8.1
Release: 1 Release: 2
Summary: Core X11 protocol client library Summary: Core X11 protocol client library
License: MIT License: MIT
URL: http://www.x.org URL: http://www.x.org
Source0: https://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}.tar.xz Source0: https://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}.tar.xz
Patch1: dont-forward-keycode-0.patch Patch1: dont-forward-keycode-0.patch
Patch6001: backport-CVE-2022-3554.patch
BuildRequires: xorg-x11-util-macros >= 1.11 xorg-x11-proto-devel perl-Pod-Usage libXau-devel BuildRequires: xorg-x11-util-macros >= 1.11 xorg-x11-proto-devel perl-Pod-Usage libXau-devel
BuildRequires: libxcb-devel >= 1.2 libXdmcp-devel xorg-x11-xtrans-devel >= 1.0.3-4 make BuildRequires: libxcb-devel >= 1.2 libXdmcp-devel xorg-x11-xtrans-devel >= 1.0.3-4 make
@ -73,6 +74,9 @@ make %{?_smp_mflags} check
%{_mandir}/*/* %{_mandir}/*/*
%changelog %changelog
* Mon Oct 24 2022 zhouwenpei <zhouwenpei1@h-partners.com> - 1.8.1-2
- fix CVE-2022-3554
* Mon Jun 20 2022 lin zhang <lin.zhang@turbolinux.com.cn> - 1.8.1-1 * Mon Jun 20 2022 lin zhang <lin.zhang@turbolinux.com.cn> - 1.8.1-1
- update to 1.8.1 - update to 1.8.1