Skip to content
Snippets Groups Projects
Commit 0ba6d8c3 authored by Peter Hutterer's avatar Peter Hutterer
Browse files

Xi: fix potential use-after-free in DeepCopyPointerClasses 


CVE-2023-0494, ZDI-CAN-19596

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: default avatarPeter Hutterer <peter.hutterer@who-t.net>
parent a7ee25f6
No related branches found
No related tags found
1 merge request!1063Xi: fix potential use-after-free in DeepCopyPointerClasses
Hide whitespace changes
Inline Side-by-side
Showing
with 3 additions and 1 deletion
Xi/exevents.c
+ 3
1
View file @ 0ba6d8c3
......@@ -619,8 +619,10 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to)
memcpy(to->button->xkb_acts, from->button->xkb_acts,
sizeof(XkbAction));
}
else
else {
free(to->button->xkb_acts);
to->button->xkb_acts = NULL;
}
memcpy(to->button->labels, from->button->labels,
from->button->numButtons * sizeof(Atom));
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment