From 7e1c3b94f42dfc5e52f0f724b6bf7d03e3b743e3 Mon Sep 17 00:00:00 2001
From: Mike DePaulo <mikedep333@gmail.com>
Date: Sat, 10 Jan 2015 12:03:47 -0500
Subject: Fix CVE-2014-8091..8103. Patches were ported from Ubuntu 14.04
 (xorg-server 1.15.1)

---
 xorg-server/Xi/xisetdevfocus.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'xorg-server/Xi/xisetdevfocus.c')

diff --git a/xorg-server/Xi/xisetdevfocus.c b/xorg-server/Xi/xisetdevfocus.c
index aec822c6b..f3584d567 100644
--- a/xorg-server/Xi/xisetdevfocus.c
+++ b/xorg-server/Xi/xisetdevfocus.c
@@ -44,6 +44,8 @@ int
 SProcXISetFocus(ClientPtr client)
 {
     REQUEST(xXISetFocusReq);
+    REQUEST_AT_LEAST_SIZE(xXISetFocusReq);
+
     swaps(&stuff->length);
     swaps(&stuff->deviceid);
     swapl(&stuff->focus);
@@ -56,6 +58,8 @@ int
 SProcXIGetFocus(ClientPtr client)
 {
     REQUEST(xXIGetFocusReq);
+    REQUEST_AT_LEAST_SIZE(xXIGetFocusReq);
+
     swaps(&stuff->length);
     swaps(&stuff->deviceid);
 
-- 
cgit v1.2.3