Skip to content

Disallow byte-swapped clients by default

The X server swapping code is a huge attack surface, much of this code is untested and prone to security issues. The use-case of byte-swapped clients is very niche, so let's disable this by default and allow it only when the respective config option or commandline flag is given.

For Xorg, this adds the ServerFlag "AllowByteSwappedClients" "on". For all DDX, this adds the commandline options +byteswappedclients and -byteswappedclients.

Fixes #1201 (closed)

Test program: byteswap.c, compile with gcc -o byteswap byteswap.c

cc @DemiMarie, @alanc, @ofourdan

Edited by Peter Hutterer

Merge request reports