xserver: Branch 'xwayland-24.1' - 2 commits
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Wed Jun 18 16:47:12 UTC 2025
meson.build | 4 ++--
os/io.c | 2 ++
2 files changed, 4 insertions(+), 2 deletions(-)
New commits:
commit 449b197e7e652cb145a25b3b795d3363445d3975
Author: Olivier Fourdan <ofourdan at redhat.com>
Date: Wed Jun 18 18:00:16 2025 +0200
Bump version to 24.1.8
Signed-off-by: Olivier Fourdan <ofourdan at redhat.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2030>
diff --git a/meson.build b/meson.build
index f57dc5d5f..cb18cbbe0 100644
--- a/meson.build
+++ b/meson.build
@@ -3,10 +3,10 @@ project('xwayland', 'c',
'buildtype=debugoptimized',
'c_std=gnu99',
],
- version: '24.1.7',
+ version: '24.1.8',
meson_version: '>= 0.56.0',
)
-release_date = '2025-06-17'
+release_date = '2025-06-18'
add_project_arguments('-DHAVE_DIX_CONFIG_H', language: ['c', 'objc'])
cc = meson.get_compiler('c')
commit d2a7903154479df749691fcd5ae3ef556957f229
Author: Olivier Fourdan <ofourdan at redhat.com>
Date: Wed Jun 18 08:39:02 2025 +0200
os: Check for integer overflow on BigRequest length
Check for another possible integer overflow once we get a complete xReq
with BigRequest.
Related to CVE-2025-49176
Signed-off-by: Olivier Fourdan <ofourdan at redhat.com>
Suggested-by: Peter Harris <pharris2 at rocketsoftware.com>
(cherry picked from commit 4fc4d76b2c7aaed61ed2653f997783a3714c4fe1)
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2030>
diff --git a/os/io.c b/os/io.c
index 32b2d9765..0f5a46695 100644
--- a/os/io.c
+++ b/os/io.c
@@ -398,6 +398,8 @@ ReadRequestFromClient(ClientPtr client)
needed = get_big_req_len(request, client);
}
client->req_len = needed;
+ if (needed > MAXINT >> 2)
+ return -(BadLength);
needed <<= 2;
}
if (gotnow < needed) {
More information about the xorg-commit
mailing list