Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: X.Org Security Advisory For X11 Going Back To 1993

  1. #1
    Join Date
    Jan 2007
    Posts
    15,089

    Default X.Org Security Advisory For X11 Going Back To 1993

    Phoronix: X.Org Security Advisory For X11 Going Back To 1993

    An X.Org security advisory was issued this week in regards to authenticated X clients being able to cause the X Server to use memory after it was freed. This particular use-after-free memory issue, which could lead to a system crash and memory corruption, has been present in every X11/X.Org Server release going back to September of 1993...

    http://www.phoronix.com/vr.php?view=MTQ4MjI

  2. #2
    Join Date
    Feb 2011
    Posts
    1,223

    Default

    So besides crashing the system, is there any other risk here?

  3. #3
    Join Date
    Dec 2011
    Posts
    2,098

    Default

    20 years old bug.
    Nobody probably touched this code.
    It probably isn't even used on modern systems.
    Few probably knew what it was doing.

    X.org needs to burn some code with fire.
    Throw out legacy stuff that isn't needed on modern systems.

  4. #4
    Join Date
    Jan 2013
    Posts
    1,458

    Default

    Quote Originally Posted by uid313 View Post
    X.org needs to burn some code with fire.
    Throw out legacy stuff that isn't needed on modern systems.
    ... like, the entire X?

  5. #5
    Join Date
    Dec 2011
    Posts
    2,098

    Default

    Quote Originally Posted by dee. View Post
    ... like, the entire X?
    No, not DRI2, DRI3 and Xinput 2.

    But remove things like DRI1, XLFD, Xt, Xv, etc.
    There are several input extensions that do the same thing, etc.
    Remove the redundant, duplicate stuff.
    Remove the old parts that aren't used anymore.

  6. #6
    Join Date
    Dec 2010
    Location
    MA, USA
    Posts
    1,375

    Default

    Quote Originally Posted by uid313 View Post
    20 years old bug.
    Nobody probably touched this code.
    It probably isn't even used on modern systems.
    Few probably knew what it was doing.

    X.org needs to burn some code with fire.
    Throw out legacy stuff that isn't needed on modern systems.
    The article specifically said that this bug is known to occur in every version of X11. While I'm sure the occurrence is rare (particularly due to the fact that systems have more RAM than necessary these days) and very situational, I think it's still good to knock out a bug that has been surviving an embarrassingly long time.


    I get the impression this bug wasn't very difficult to fix - gets me to wonder how many other bugs are still around that could have been fixed years ago.

  7. #7
    Join Date
    Dec 2011
    Posts
    2,098

    Default

    Quote Originally Posted by schmidtbag View Post
    The article specifically said that this bug is known to occur in every version of X11. While I'm sure the occurrence is rare (particularly due to the fact that systems have more RAM than necessary these days) and very situational, I think it's still good to knock out a bug that has been surviving an embarrassingly long time.


    I get the impression this bug wasn't very difficult to fix - gets me to wonder how many other bugs are still around that could have been fixed years ago.
    Yeah, someone need to run AdressSanitizer, Valgrind or some static code analysis tool over the code base.

  8. #8
    Join Date
    Aug 2012
    Location
    Pennsylvania, United States
    Posts
    1,910

    Default

    Quote Originally Posted by uid313 View Post
    No, not DRI2, DRI3 and Xinput 2.

    But remove things like DRI1, XLFD, Xt, Xv, etc.
    There are several input extensions that do the same thing, etc.
    Remove the redundant, duplicate stuff.
    Remove the old parts that aren't used anymore.
    Thats a marketing problem, uid. It came up in Daniel's or Kristin's talk a year or two ago. The reason for XLFD's and 'legacy' crap like that is because when you say "I am an X11 compliant server" their attitude is you can't lie about that. So if you say "I follow X11" you HAVE TO FOLLOW X11's spec. And X11's spec says "XLFD's must be sorted. Core Rendering must be available. Fonts must be available to be handled server side." And a crap ton of other things.

    This is one of the points I tried to hit on, but that people didn't understand at the time, when I wrote The Wayland Situation last year or whenever it was I wrote that:

    Sure, we could make an X12 (the docs are already there) and rip out all of that stuff, but that creates a problem. There are people out there, beyond Xorg, who care about "X" and would want to get a say in "X12." It means we might not GET the clean slate we want / need for one or a dozen different reasons (backwards compatibility being one of them, maybe.) By going creating "Wayland" there's no emotional / mental / etc baggage of "X." Its not "X12" its not even "X" its something COMPLETELY different, its not -claiming- to be X12, its not claiming to be X, it is its own thing.

    If someone ELSE, some other company, or some other group THEN wants to come and along and create X12 as the "True" successor to "X11" and they want to go around to all the Unix vendors (for example) and say "We're making THE TRUE Successor to X11-- X12! Give us your input" And are convinced that the "X" style protocol IS the right way to do things and that the Wayland protocol is the WRONG way to do things, they can. And they can market it as "The Next Generation Of X", "X12" And whatever else they want, assuming they got the copyright from Xorg. Because WE (The Linux community) isn't in the X world anymore. We're in the Wayland world. We're doing our own thing that suits OUR needs in OUR way.

  9. #9
    Join Date
    May 2011
    Posts
    1,557

    Default

    Quote Originally Posted by uid313 View Post
    No, not DRI2, DRI3 and Xinput 2.

    But remove things like DRI1, XLFD, Xt, Xv, etc.
    There are several input extensions that do the same thing, etc.
    Remove the redundant, duplicate stuff.
    Remove the old parts that aren't used anymore.
    If it's not used anymore then it's not bothering anybody.

  10. #10
    Join Date
    Dec 2010
    Location
    MA, USA
    Posts
    1,375

    Default

    Quote Originally Posted by johnc View Post
    If it's not used anymore then it's not bothering anybody.
    That's not quite true. It's kind of like the saying "if it ain't broke, don't fix it", where that's a very naiive and impractical motive (or lack thereof) in the technology world - if there is substantial room for improvement, you might as well consider it broke. While I respect the idea that X11 intends to remain backwards compatibility, anybody who actually demands such old obsoleted technologies to be continued are a burden to both users and developers. It's getting so bad that wayland's development became a necessity. It's kind of like how a year ago when the linux kernel decided to ditch the old i386 architecture - sure there MIGHT be some people out there who still use that architecture, but what kind of i386 system can effectively handle the linux 3.x kernel, and what does the linux 3.x kernel have to offer that i386 users would want/need (assuming whatever is necessary is even physically possible)? While X11 isn't anywhere near as complicated as the linux kernel, the latter point still stands - what hardware from 15+ years ago will have any use of the modern abilities of X11? Anybody who still wants these old features could just simply use an old version of X11. I'm a huge fan of backwards compatibility, but there IS a point where convenience becomes an ever increasing burden.

    I'm not going to pretend I know how everything works in X11 and I'm not saying that X11 unquestionably should just ditch these old features. But another point to make is if X11 intends to keep backwards compatibility, every obsoleted feature that stays with X11 becomes one more thing for developers to maintain.
    Last edited by schmidtbag; 10-10-2013 at 02:50 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •