X11Libre
Race condition in xf86ParsePciBusString
Version
25.0.0.X Release
Description
@metux, I'm sorry that I haven't updated my PRs for a long time, I came back and found one flaw in xorg and xlibre server.
Incidient report here: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1850
Since the Xserver is (mostly) single-threaded (except for input thread), this issue is theoretical - for now.
OTOH, at some point in the future, we'd like to go multi-threaded. But there's still a lot work to do for that.
This isn't an actual bug (ie. something's broken), but more a sloppy programming practice. So I'd welcome PRs for cleaning that up.
This isn't an actual bug (ie. something's broken), but more a sloppy programming practice. So I'd welcome PRs for cleaning that up.
I made a patch in issue, do you mean convert it to PR?
@GermanAizek
0001-xf86pciBus-replace-on-thread-safe-strtok_r-in-xf86Pa.patch
Thank you for reporting the code cleanup request. Could you please open a pull request at Pull requests · X11Libre/xserver for your patch?
0001-xf86pciBus-replace-on-thread-safe-strtok_r-in-xf86Pa.patch
Thank you for reporting the code cleanup request. Could you please open a pull request at Pull requests · X11Libre/xserver for your patch?
PR with patch changes: https://github.com/X11Libre/xserver/pull/1415
@metux,
Xorg team did not appreciate writing thread-safe code.
Do you consider it necessary to ensure security against such attacks in the XLibre project?
Feel free submit patches :)
PR done here: https://github.com/X11Libre/xserver/pull/1415