xwayland 22.1.9 to fix composite: Fix use-after-free of the COW

Merged Olivier Fourdan requested to merge ofourdan/xserver:release-xwayland-22.1.9 into xwayland-22.1


If a client explicitly destroys the compositor overlay window (aka COW), we would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

Make sure to clear the CompScreen pointer to the COW when the latter gets destroyed explicitly by the client.

This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Olivier Fourdan ofourdan@redhat.com Reviewed-by: Adam Jackson ajax@redhat.com (cherry picked from commit 26ef545b)

Merge request reports