1
0

- Update to version 1.17.4:

Minor brown-bag release. The important fix here is Martin's
  clientsWritable change which fixes a crash when built against
  xproto 7.0.28.
- supersedes u_0001-os-make-sure-the-clientsWritable-fd_set-is-initializ.patch

OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/xorg-x11-server?expand=0&rev=588
This commit is contained in:
Stefan Dirsch 2015-10-28 17:42:13 +00:00 committed by Git OBS Bridge
parent 052cb7e1e2
commit 79b9f70dc6
5 changed files with 13 additions and 71 deletions

View File

@ -1,63 +0,0 @@
From 7cc7ffd25d5e50b54cb942d07d4cb160f20ff9c5 Mon Sep 17 00:00:00 2001
From: Martin Peres <martin.peres@linux.intel.com>
Date: Fri, 17 Jul 2015 17:21:26 +0300
Subject: [PATCH] os: make sure the clientsWritable fd_set is initialized
before use
In WaitForSomething(), the fd_set clientsWritable may be used unitialized when
the boolean AnyClientsWriteBlocked is set in the WakeupHandler(). This leads to
a crash in FlushAllOutput() after x11proto's commit
2c94cdb453bc641246cc8b9a876da9799bee1ce7.
The problem did not manifest before because both the XFD_SIZE and the maximum
number of clients were set to 256. As the connectionTranslation table was
initalized for the 256 clients to 0, the test on the index not being 0 was
aborting before dereferencing the client #0.
As of commit 2c94cdb453bc641246cc8b9a876da9799bee1ce7 in x11proto, the XFD_SIZE
got bumped to 512. This lead the OutputPending fd_set to have any fd above 256
to be uninitialized which in turns lead to reading an index after the end of
the ConnectionTranslation table. This index would then be used to find the
client corresponding to the fd marked as pending writes and would also result
to an out-of-bound access which would usually be the fatal one.
Fix this by zeroing the clientsWritable fd_set at the beginning of
WaitForSomething(). In this case, the bottom part of the loop, which would
indirectly call FlushAllOutput, will not do any work but the next call to
select will result in the execution of the right codepath. This is exactly what
we want because we need to know the writable clients before handling them. In
the end, it also makes sure that the fds above MaxClient are initialized,
preventing the crash in FlushAllOutput().
Thanks to everyone involved in tracking this one down!
Reported-by: Karol Herbst <freedesktop@karolherbst.de>
Reported-by: Tobias Klausmann <tobias.klausmann@mni.thm.de>
Signed-off-by: Martin Peres <martin.peres@linux.intel.com>
Tested-by: Martin Peres <martin.peres@linux.intel.com>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=91316
Cc: Ilia Mirkin <imirkin@alum.mit.edu>
Cc: Martin Peres <martin.peres@linux.intel.com>
Cc: Olivier Fourdan <ofourdan@redhat.com
Cc: Adam Jackson <ajax@redhat.com>
Cc: Alan Coopersmith <alan.coopersmith@oracle.com
Cc: Chris Wilson <chris@chris-wilson.co.uk>
---
os/WaitFor.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/os/WaitFor.c b/os/WaitFor.c
index 431f1a6..993c14e 100644
--- a/os/WaitFor.c
+++ b/os/WaitFor.c
@@ -158,6 +158,7 @@ WaitForSomething(int *pClientsReady)
Bool someReady = FALSE;
FD_ZERO(&clientsReadable);
+ FD_ZERO(&clientsWritable);
if (nready)
SmartScheduleStopTimer();
--
2.4.5

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:89b5c6b7e7ec4731645283d2178f607825b75a470e76b3ad3cb1c1dbd2456b73
size 5790514

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0c4b45c116a812a996eb432d8508cf26c2ec8c3916ff2a50781796882f8d6457
size 5791384

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Wed Oct 28 17:32:07 UTC 2015 - sndirsch@suse.com
- Update to version 1.17.4:
Minor brown-bag release. The important fix here is Martin's
clientsWritable change which fixes a crash when built against
xproto 7.0.28.
- supersedes u_0001-os-make-sure-the-clientsWritable-fd_set-is-initializ.patch
-------------------------------------------------------------------
Wed Oct 28 16:23:39 UTC 2015 - sndirsch@suse.com

View File

@ -26,7 +26,7 @@
Name: xorg-x11-server
%define dirsuffix 1.17.3
%define dirsuffix 1.17.4
Summary: X
License: MIT
@ -192,8 +192,6 @@ Patch1162: b_cache-xkbcomp-output-for-fast-start-up.patch
Patch1211: b_0001-Prevent-XSync-Alarms-from-senslessly-calling-CheckTr.patch
Patch1222: b_sync-fix.patch
Patch1300: u_0001-os-make-sure-the-clientsWritable-fd_set-is-initializ.patch
%description
This package contains the X.Org Server.
@ -294,8 +292,6 @@ cp %{SOURCE90} .
### patch222 might not be applicable anymore
#%patch1222 -p1
%patch1300 -p1
find . -type f \! -name '*.orig' \! -path ./source-file-list > source-file-list
%build