[PATCH SECURITY] XKB: Workaround for CVE-2012-0064: Stop calling UngrabAllDevices().

[Cyril Brulebois]

The introduction of XKB debugging functions in the following commit:
| commit 7d2543a3cb3089241982ce4f8984fd723d5312a1
| Author: Daniel Stone <daniel at fooishbar.org>
| Date:   Wed Dec 29 12:03:01 2010 +0000
|
|     XKB: Add debug key actions for grabs & window tree

leads to the ability of bypassing X screen locking programs with key
combinations like: Ctrl+Alt+KP_Multiply (Multiply key on the numpad).

As a quick workaround, stop calling UngrabAllDevices().

On a side note, it doesn't seem to care much about its kill_client
parameter, which is only used to decide which message should be
ErrorF()'d.

This is a candidate for the 1.11 branch.

Signed-off-by: Cyril Brulebois <kibi at debian.org>
---
 hw/xfree86/dixmods/xkbPrivate.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

FWIW in Debian, I chose to revert the commit entirely until the proper
course of action is discussed here. I checked this patch on top of
1.11.3.901 though.

In Cc, Daniel and Peter for their tags on the commit, and Jeremy for
an advanced notice for 1.11.

diff --git a/hw/xfree86/dixmods/xkbPrivate.c b/hw/xfree86/dixmods/xkbPrivate.c
index 06d1c2b..c6e75c5 100644
--- a/hw/xfree86/dixmods/xkbPrivate.c
+++ b/hw/xfree86/dixmods/xkbPrivate.c
@@ -38,10 +38,12 @@ XkbDDXPrivate(DeviceIntPtr dev,KeyCode key,XkbAction *act)
                     PrintDeviceGrabInfo(tmp);
             xf86Msg(X_INFO, "End list of active device grabs\n");
         }
+#if 0
         else if (strcasecmp(msgbuf, "ungrab")==0)
             UngrabAllDevices(FALSE);
         else if (strcasecmp(msgbuf, "clsgrb")==0)
             UngrabAllDevices(TRUE);
+#endif
         else if (strcasecmp(msgbuf, "prwins")==0)
             PrintWindowTree();
     }
-- 
1.7.8.3