meta-openembedded/meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch - openbmc/openbmc - Gitiles

 CVE: CVE-2020-29074
 Upstream-Status: Backport [https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a ]
 Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>


 From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= <guenal.davalan@uca.fr>
 Date: Wed, 18 Nov 2020 08:40:45 +0100
 Subject: [PATCH] scan: limit access to shared memory segments to current user

 ---
  src/scan.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/src/scan.c b/src/scan.c
 index 43e00d20..12994d52 100644
 --- a/src/scan.c
 +++ b/src/scan.c
 @@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo *shm, XImage **ximg_ptr, int w, int h,

  #if HAVE_XSHM
  	shm->shmid = shmget(IPC_PRIVATE,
 -	    xim->bytes_per_line * xim->height, IPC_CREAT | 0777);
 +	    xim->bytes_per_line * xim->height, IPC_CREAT | 0600);

  	if (shm->shmid == -1) {
  		rfbErr("shmget(%s) failed.\n", name);
	CVE: CVE-2020-29074
	Upstream-Status: Backport [https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a ]
	Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>


	From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001
	From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= <guenal.davalan@uca.fr>
	Date: Wed, 18 Nov 2020 08:40:45 +0100
	Subject: [PATCH] scan: limit access to shared memory segments to current user

	---
	src/scan.c \| 2 +-
	1 file changed, 1 insertion(+), 1 deletion(-)

	diff --git a/src/scan.c b/src/scan.c
	index 43e00d20..12994d52 100644
	--- a/src/scan.c
	+++ b/src/scan.c
	@@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo shm, XImage *ximg_ptr, int w, int h,

	#if HAVE_XSHM
	shm->shmid = shmget(IPC_PRIVATE,
	- xim->bytes_per_line * xim->height, IPC_CREAT \| 0777);
	+ xim->bytes_per_line * xim->height, IPC_CREAT \| 0600);

	if (shm->shmid == -1) {
	rfbErr("shmget(%s) failed.\n", name);