wallenstein/void-packages
1
0
Fork 0
mirror of https://github.com/void-linux/void-packages.git synced 2025-08-02 10:52:57 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

openbox: fix use after free

Browse source
This commit is contained in:
oreo639 2023-03-25 16:27:08 -07:00 committed by Đoàn Trần Công Danh
parent a0ee243e74
commit 11d2060bd1
2 changed files with 52 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
srcpkgs/openbox/patches/d41128e5a1002af41c976c8860f8299cfcd3cd72.patch Normal file
View file

@ -0,0 +1,50 @@
From d41128e5a1002af41c976c8860f8299cfcd3cd72 Mon Sep 17 00:00:00 2001
From: pldubouilh <pldubouilh@gmail.com>
Date: Fri, 17 Mar 2023 18:23:47 +0100
Subject: [PATCH] Fix list traversal issue in client_calc_layer
The calls to client_calc_layer_internal can modify stacking_list, which
can cause us to follow dangling ->next pointers (either by the pointer
itself already being freed, or it pointing to a freed area). Avoid this
by copying the list first, the goal is to visit every client in the list
once so this should be fine.
---
openbox/client.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/openbox/client.c b/openbox/client.c
index 7168b2407..b8264587c 100644
--- a/openbox/client.c
+++ b/openbox/client.c
@@ -2742,9 +2742,12 @@ static void client_calc_layer_internal(ObClient *self)
void client_calc_layer(ObClient *self)
{
GList *it;
+ /* the client_calc_layer_internal calls below modify stacking_list,
+ so we have to make a copy to iterate over */
+ GList *list = g_list_copy(stacking_list);
/* skip over stuff above fullscreen layer */
- for (it = stacking_list; it; it = g_list_next(it))
+ for (it = list; it; it = g_list_next(it))
if (window_layer(it->data) <= OB_STACKING_LAYER_FULLSCREEN) break;
/* find the windows in the fullscreen layer, and mark them not-visited */
@@ -2757,7 +2760,7 @@ void client_calc_layer(ObClient *self)
client_calc_layer_internal(self);
/* skip over stuff above fullscreen layer */
- for (it = stacking_list; it; it = g_list_next(it))
+ for (it = list; it; it = g_list_next(it))
if (window_layer(it->data) <= OB_STACKING_LAYER_FULLSCREEN) break;
/* now recalc any windows in the fullscreen layer which have not
@@ -2768,6 +2771,8 @@ void client_calc_layer(ObClient *self)
!WINDOW_AS_CLIENT(it->data)->visited)
client_calc_layer_internal(it->data);
}
+
+ g_list_free(it);
}
gboolean client_should_show(ObClient *self)

4
srcpkgs/openbox/template
View file

@ -1,7 +1,7 @@
# Template file for 'openbox' # Template file for 'openbox'
pkgname=openbox pkgname=openbox
version=3.6.1 version=3.6.1
revision=4 revision=5
build_style=gnu-configure build_style=gnu-configure
configure_args="--enable-startup-notification $(vopt_enable svg librsvg)" configure_args="--enable-startup-notification $(vopt_enable svg librsvg)"
hostmakedepends="automake libtool pkg-config gettext-devel" hostmakedepends="automake libtool pkg-config gettext-devel"
@ -15,7 +15,7 @@ conf_files="
/etc/xdg/openbox/autostart" /etc/xdg/openbox/autostart"
short_desc="Standards compliant, fast, light-weight, extensible window manager" short_desc="Standards compliant, fast, light-weight, extensible window manager"
maintainer="Orphaned <orphan@voidlinux.org>" maintainer="Orphaned <orphan@voidlinux.org>"
license="GPL-2" license="GPL-2.0-or-later"
homepage="http://www.openbox.org" homepage="http://www.openbox.org"
distfiles="http://openbox.org/dist/openbox/openbox-$version.tar.xz" distfiles="http://openbox.org/dist/openbox/openbox-$version.tar.xz"
checksum=abe75855cc5616554ffd47134ad15291fe37ebbebf1a80b69cbde9d670f0e26d checksum=abe75855cc5616554ffd47134ad15291fe37ebbebf1a80b69cbde9d670f0e26d