xserver: Branch 'master'

GitLab Mirror gitlab-mirror at kemper.freedesktop.org
Mon Sep 10 14:57:05 UTC 2018


 glx/createcontext.c |   12 ++++++++++++
 1 file changed, 12 insertions(+)

New commits:
commit 75448671abe2c6ae3745eb5d2ed2e76df2de9c41
Author: Olivier Fourdan <ofourdan at redhat.com>
Date:   Wed Sep 5 15:20:17 2018 +0200

    glx: check for indirect context in CreateContextAttribsARB()
    
    Commit 99f0365b "Add a command line argument for disabling indirect GLX"
    added a test to check if indirect contexts are enabled in
    `DoCreateContext()` but `__glXDisp_CreateContextAttribsARB()` doesn't
    use `DoCreateContext()` and doesn't check if indirect context is
    enabled.
    
    As a result, clients can still manage to create indirect contexts using
    `glXCreateContextAttribsARB()` even if indirect contexts are disabled,
    which can possibly crash Xservers such as Xwayland or Xephyr when the
    context is destroyed.
    
    To avoid the issue, check for `enableIndirectGLX` in
    `__glXDisp_CreateContextAttribsARB()` as well.
    
    Fixes: 99f0365b "Add a command line argument for disabling indirect GLX"
    Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107508
    Signed-off-by: Olivier Fourdan <ofourdan at redhat.com>

diff --git a/glx/createcontext.c b/glx/createcontext.c
index 7d09c3a1c..24b02ddfb 100644
--- a/glx/createcontext.c
+++ b/glx/createcontext.c
@@ -28,6 +28,7 @@
 #include "glxserver.h"
 #include "glxext.h"
 #include "indirect_dispatch.h"
+#include "opaque.h"
 
 #define ALL_VALID_FLAGS \
     (GLX_CONTEXT_DEBUG_BIT_ARB | GLX_CONTEXT_FORWARD_COMPATIBLE_BIT_ARB \
@@ -320,6 +321,17 @@ __glXDisp_CreateContextAttribsARB(__GLXclientState * cl, GLbyte * pc)
         err = BadAlloc;
     }
     else {
+        /* Only allow creating indirect GLX contexts if allowed by
+         * server command line.  Indirect GLX is of limited use (since
+         * it's only GL 1.4), it's slower than direct contexts, and
+         * it's a massive attack surface for buffer overflow type
+         * errors.
+         */
+        if (!enableIndirectGLX) {
+            client->errorValue = req->isDirect;
+            return BadValue;
+        }
+
         ctx = glxScreen->createContext(glxScreen, config, shareCtx,
                                        req->numAttribs, (uint32_t *) attribs,
                                        &err);
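
Review bot: the new `if (!enableIndirectGLX)` test in the `else` branch leaves the function with `return BadValue`, while the branch just above it reports through `err`. Please confirm that nothing set up earlier in `__glXDisp_CreateContextAttribsARB()` needs releasing on this early-return path, or hoist the test to the start of the function so it runs before any other work. The test also relies on this `else` being reached only for indirect requests, which the hunk context does not show; writing the condition as `if (!req->isDirect && !enableIndirectGLX)` would make that explicit and keep it correct if the branches are ever reordered. Since the commit message says the same test already lives in `DoCreateContext()`, a small shared helper called from both entry points would keep a future context-creation path from missing it again.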


More information about the xorg-commit mailing list