diff options
Diffstat (limited to 'kde-plasma/kwin/files/kwin-5.27.6-fix-locale1-use-after-free-xkb_keymap.patch')
| -rw-r--r-- | kde-plasma/kwin/files/kwin-5.27.6-fix-locale1-use-after-free-xkb_keymap.patch | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/kde-plasma/kwin/files/kwin-5.27.6-fix-locale1-use-after-free-xkb_keymap.patch b/kde-plasma/kwin/files/kwin-5.27.6-fix-locale1-use-after-free-xkb_keymap.patch deleted file mode 100644 index 6fcd3af4cfda..000000000000 --- a/kde-plasma/kwin/files/kwin-5.27.6-fix-locale1-use-after-free-xkb_keymap.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 2d09d7961b09693aa56a99eb3ba9680e84192936 Mon Sep 17 00:00:00 2001 -From: Aleksei Bavshin <alebastr89@gmail.com> -Date: Fri, 23 Jun 2023 03:14:09 -0700 -Subject: [PATCH] locale1: fix use-after-free in xkb_keymap creation - -qPrintable creates temporary objects that are destroyed before -`xkb_keymap_new_from_names` is called. It's highly likely that the data -we pass to xkbcommon will be overwritten by random data by that point. - -Fix that by storing values as QByteArrays just like -`Xkb::loadKeymapFromConfig` does. - - -(cherry picked from commit f70bda9f6de2d38ae3859afb3f96cad1e9c47590) ---- - src/xkb.cpp | 22 +++++++++++++++------- - 1 file changed, 15 insertions(+), 7 deletions(-) - -diff --git a/src/xkb.cpp b/src/xkb.cpp -index 4a5f72d940a..b3bb5e77252 100644 ---- a/src/xkb.cpp -+++ b/src/xkb.cpp -@@ -250,16 +250,24 @@ xkb_keymap *Xkb::loadKeymapFromLocale1() - { - OrgFreedesktopDBusPropertiesInterface locale1Properties(s_locale1Interface, "/org/freedesktop/locale1", QDBusConnection::systemBus(), this); - const QVariantMap properties = locale1Properties.GetAll(s_locale1Interface); -- const QString layouts = properties["X11Layout"].toString(); -+ -+ const QByteArray model = properties["X11Model"].toByteArray(); -+ const QByteArray layout = properties["X11Layout"].toByteArray(); -+ const QByteArray variant = properties["X11Variant"].toByteArray(); -+ const QByteArray options = properties["X11Options"].toByteArray(); -+ - xkb_rule_names ruleNames = { -- nullptr, -- qPrintable(properties["X11Model"].toString()), -- qPrintable(layouts), -- qPrintable(properties["X11Variant"].toString()), -- qPrintable(properties["X11Options"].toString()), -+ .rules = nullptr, -+ .model = model.constData(), -+ .layout = layout.constData(), -+ .variant = variant.constData(), -+ .options = options.constData(), - }; -+ - applyEnvironmentRules(ruleNames); -- m_layoutList = layouts.split(QLatin1Char(',')); -+ -+ m_layoutList = QString::fromLatin1(ruleNames.layout).split(QLatin1Char(',')); -+ - return xkb_keymap_new_from_names(m_context, &ruleNames, XKB_KEYMAP_COMPILE_NO_FLAGS); - } - --- -GitLab - |