summarylogtreecommitdiffstats
path: root/0001-Xext-shm-Refuse-to-work-for-remote-clients.patch
diff options
context:
space:
mode:
Diffstat (limited to '0001-Xext-shm-Refuse-to-work-for-remote-clients.patch')
-rw-r--r--0001-Xext-shm-Refuse-to-work-for-remote-clients.patch60
1 files changed, 60 insertions, 0 deletions
diff --git a/0001-Xext-shm-Refuse-to-work-for-remote-clients.patch b/0001-Xext-shm-Refuse-to-work-for-remote-clients.patch
new file mode 100644
index 000000000000..849d64e44ec6
--- /dev/null
+++ b/0001-Xext-shm-Refuse-to-work-for-remote-clients.patch
@@ -0,0 +1,60 @@
+From ec7e2b54c5b4a34b2a077082967bc3ead30e227e Mon Sep 17 00:00:00 2001
+From: Alexander Volkov <a.volkov@rusbitech.ru>
+Date: Tue, 5 Jun 2018 13:05:39 +0300
+Subject: [PATCH] Xext/shm: Refuse to work for remote clients
+
+Avoid access to System V shared memory segment on the X server side
+for clients forwarded via SSH. Also prevent them from hanging while
+waiting for the reply from the ShmCreateSegment request.
+
+v2: Allow ShmQueryVersion request even for remote clients
+
+Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=11080
+Signed-off-by: Alexander Volkov <a.volkov@rusbitech.ru>
+Reviewed-by: Adam Jackson <ajax@redhat.com>
+Signed-off-by: Laurent Carlier <lordheavym@gmail.com>
+---
+ Xext/shm.c | 18 ++++++++++++++----
+ 1 file changed, 14 insertions(+), 4 deletions(-)
+
+diff --git a/Xext/shm.c b/Xext/shm.c
+index fc8441c..896a966 100644
+--- a/Xext/shm.c
++++ b/Xext/shm.c
+@@ -1302,9 +1302,14 @@ static int
+ ProcShmDispatch(ClientPtr client)
+ {
+ REQUEST(xReq);
+- switch (stuff->data) {
+- case X_ShmQueryVersion:
++
++ if (stuff->data == X_ShmQueryVersion)
+ return ProcShmQueryVersion(client);
++
++ if (!client->local)
++ return BadRequest;
++
++ switch (stuff->data) {
+ case X_ShmAttach:
+ return ProcShmAttach(client);
+ case X_ShmDetach:
+@@ -1461,9 +1466,14 @@ static int _X_COLD
+ SProcShmDispatch(ClientPtr client)
+ {
+ REQUEST(xReq);
+- switch (stuff->data) {
+- case X_ShmQueryVersion:
++
++ if (stuff->data == X_ShmQueryVersion)
+ return SProcShmQueryVersion(client);
++
++ if (!client->local)
++ return BadRequest;
++
++ switch (stuff->data) {
+ case X_ShmAttach:
+ return SProcShmAttach(client);
+ case X_ShmDetach:
+--
+2.17.1
+