Allow disabling byte-swapped clients on 21.1-branch (!1440) · Merge requests · xorg / xserver

Alan Coopersmith requested to merge alanc/xserver:byteswap-option into server-21.1-branch Mar 23, 2024

The X server swapping code is a huge attack surface, much of this code is untested and prone to security issues. The use-case of byte-swapped clients is very niche, so allow users to disable this if they don't need it, using either a config option or commandline flag.

For Xorg, this adds the ServerFlag "AllowByteSwappedClients" "off". For all DDX, this adds the commandline options +byteswappedclients and -byteswappedclients to enable or disable, respectively.

Fixes #1201 (closed)
Signed-off-by: Peter Hutterer peter.hutterer@who-t.net

(cherry picked from commit 41277766)
(cherry picked from commit af5cd5ac)
Backport to server-21.1-branch modified to keep byte-swapping enabled by default but easy to disable by users or admins (or even by distros shipping an xorg.conf.d fragment in their packages).

Signed-off-by: Alan Coopersmith alan.coopersmith@oracle.com

Admin message

Allow disabling byte-swapped clients on 21.1-branch

Merge request reports