XLibre/xserver
1
1
Fork 0
mirror of https://github.com/X11Libre/xserver.git synced 2026-03-24 12:25:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
bc1fdbe46559dd947674375946bbef54dd0ce36b
xserver/Xi
History
Peter Hutterer 4a5e9b1895 Xi: flush hierarchy events after adding/removing master devices 
The `XISendDeviceHierarchyEvent()` function allocates space to store up
to `MAXDEVICES` (256) `xXIHierarchyInfo` structures in `info`.

If a device with a given ID was removed and a new device with the same
ID added both in the same operation, the single device ID will lead to
two info structures being written to `info`.

Since this case can occur for every device ID at once, a total of two
times `MAXDEVICES` info structures might be written to the allocation.

To avoid it, once one add/remove master is processed, send out the
device hierarchy event for the current state and continue. That event
thus only ever has exactly one of either added/removed in it (and
optionally slave attached/detached).

CVE-2024-21885, ZDI-CAN-22744

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
2024-01-16 09:24:26 +01:00
..
allowev.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
allowev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
chgdctl.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
chgdctl.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
chgfctl.c
Fix XChangeFeedbackControl() request underflow
2021-04-13 14:28:13 +02:00
chgfctl.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
chgkbd.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
chgkbd.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
chgkmap.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
chgkmap.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
chgprop.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
chgprop.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
chgptr.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
chgptr.h
Xi: Remove redundant declaration.
2012-05-14 13:17:30 +01:00
closedev.c
Fix spelling/wording issues
2020-07-05 13:07:33 -07:00
closedev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
devbell.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
devbell.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
exevents.c
Xi: when creating a new ButtonClass, set the number of buttons
2024-01-16 09:24:01 +01:00
exglobals.h
xinput: Remove PropagateMask
2020-03-30 21:48:11 +00:00
extinit.c
xi: Implement conversions from internal to Xi2 gesture event structs
2021-05-30 13:26:37 +03:00
getbmap.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getbmap.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getdctl.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getdctl.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getfctl.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getfctl.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getfocus.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getfocus.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getkmap.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getkmap.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getmmap.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getmmap.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getprop.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getprop.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getselev.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getselev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
getvers.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
getvers.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
grabdev.c
Fix spelling/wording issues
2020-07-05 13:07:33 -07:00
grabdev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
grabdevb.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
grabdevb.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
grabdevk.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
grabdevk.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
gtmotion.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
gtmotion.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
listdev.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
listdev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
meson.build
Add a Meson build system alongside autotools.
2017-04-26 15:25:27 -07:00
opendev.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
opendev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
queryst.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
queryst.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
selectev.c
xinput: Remove ExtExclusiveMasks
2020-03-30 21:48:11 +00:00
selectev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
sendexev.c
Xi: Do not try to swap GenericEvent.
2017-06-19 11:58:56 +10:00
sendexev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
setbmap.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
setbmap.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
setdval.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
setdval.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
setfocus.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
setfocus.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
setmmap.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
setmmap.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
setmode.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
setmode.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
stubs.c
ddx: add new call to purge input devices that weren't added
2016-10-26 15:35:07 +10:00
ungrdev.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
ungrdev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
ungrdevb.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
ungrdevb.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
ungrdevk.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
ungrdevk.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xiallowev.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
xiallowev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xibarriers.c
Xi: lock the input thread for any pointer barrier list manipulation
2019-02-14 09:10:58 +10:00
xibarriers.h
Xi: free barrier code at reset time
2013-05-07 09:41:19 +10:00
xichangecursor.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
xichangecursor.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xichangehierarchy.c
Xi: flush hierarchy events after adding/removing master devices
2024-01-16 09:24:26 +01:00
xichangehierarchy.h
xinput: Silence a warning from gcc 11
2021-08-17 16:02:44 -04:00
xigetclientpointer.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
xigetclientpointer.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xigrabdev.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
xigrabdev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xipassivegrab.c
Xi: disallow passive grabs with a detail > 255
2022-12-14 11:02:06 +10:00
xipassivegrab.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xiproperty.c
Xi/randr: fix handling of PropModeAppend/Prepend
2023-10-25 00:32:52 +00:00
xiproperty.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xiquerydevice.c
Xi: Work around broken libxcb that doesn't ignore unknown device classes
2021-05-30 13:46:59 +03:00
xiquerydevice.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xiquerypointer.c
dix: allocate enough space for logical button maps
2024-01-16 09:23:47 +01:00
xiquerypointer.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xiqueryversion.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
xiqueryversion.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xiselectev.c
xi: Implement selection logic for gesture event types
2021-05-30 13:26:33 +03:00
xiselectev.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xisetclientpointer.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
xisetclientpointer.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xisetdevfocus.c
dispatch: Mark swapped dispatch as _X_COLD
2017-03-01 10:16:20 -05:00
xisetdevfocus.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00
xiwarppointer.c
Xi: Use WarpPointerProc hook on XI pointer warping implementation
2017-06-07 14:49:04 +10:00
xiwarppointer.h
Introduce a consistent coding style
2012-03-21 13:54:42 -07:00