ZDI-CAN-19866/CVE-2023-1393
If a client explicitly destroys the compositor overlay window (aka COW),
we would leave a dangling pointer to that window in the CompScreen
structure, which will trigger a use-after-free later.
Make sure to clear the CompScreen pointer to the COW when the latter gets
destroyed explicitly by the client.
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Description: xwayland: Detect gbm_bo_get_fd_for_plane at runtime
`gbm_bo_get_fd_for_plane` was introduced in Mesa 21 but some
proprietary GBM implementations (Xilinx) still haven't been updated
to support it:
```
/usr/bin/Xwayland: symbol lookup error: /usr/bin/Xwayland: undefined symbol: gbm_bo_get_fd_for_plane
```
.
Since distros would like to build a single Xwayland binary for all
OEMs of the same architecture, we now make the function always
available.
.
If a real implementation of `gbm_bo_get_fd_for_plane` exists at runtime
then it will be used, otherwise fall back to `gbm_bo_get_fd` or fail.
Author: Daniel van Vugt <daniel.van.vugt@canonical.com>
su-fang