From 0fe98da5f58aa196c28e5670b84512e722d9ee73 Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Wed, 10 Sep 2025 15:55:06 +0200
Subject: [PATCH] xkb: Make the RT_XKBCLIENT resource private
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Currently, the resource in only available to the xkb.c source file.

In preparation for the next commit, to be able to free the resources
from XkbRemoveResourceClient(), make that variable private instead.

This is related to:

CVE-2025-62230, ZDI-CAN-27545

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Michel Dänzer <mdaenzer@redhat.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2086>
---
 xkb/xkb.c         | 2 +-
 xkb/xkbsrv_priv.h | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/xkb/xkb.c b/xkb/xkb.c
index 6018f5bf4..af30b0cc8 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -53,7 +53,7 @@ int XkbKeyboardErrorCode;
 CARD32 xkbDebugFlags = 0;
 static CARD32 xkbDebugCtrls = 0;
 
-static RESTYPE RT_XKBCLIENT;
+RESTYPE RT_XKBCLIENT = 0;
 
 /***====================================================================***/
 
diff --git a/xkb/xkbsrv_priv.h b/xkb/xkbsrv_priv.h
index 37dbc886b..894f27eb2 100644
--- a/xkb/xkbsrv_priv.h
+++ b/xkb/xkbsrv_priv.h
@@ -98,6 +98,8 @@
         device->public.realInputProc = oldprocs->realInputProc; \
         device->unwrapProc = oldprocs->unwrapProc;
 
+extern RESTYPE RT_XKBCLIENT;
+
 void xkbUnwrapProc(DeviceIntPtr, DeviceHandleProc, void *);
 
 void XkbForceUpdateDeviceLEDs(DeviceIntPtr keybd);