From 99790a2c9205a52fbbec01f21a92c9b7f4ed1d8f Mon Sep 17 00:00:00 2001
From: Olivier Fourdan <ofourdan@redhat.com>
Date: Wed, 10 Sep 2025 15:55:06 +0200
Subject: [PATCH] xkb: Make the RT_XKBCLIENT resource private
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Currently, the resource in only available to the xkb.c source file.

In preparation for the next commit, to be able to free the resources
from XkbRemoveResourceClient(), make that variable private instead.

This is related to:

CVE-2025-62230, ZDI-CAN-27545

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Michel Dänzer <mdaenzer@redhat.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2086>
---
 xkb/xkb.c         | 2 +-
 xkb/xkbsrv_priv.h | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/xkb/xkb.c b/xkb/xkb.c
index 2433b7d73..5f6420f9e 100644
--- a/xkb/xkb.c
+++ b/xkb/xkb.c
@@ -52,7 +52,7 @@ int XkbKeyboardErrorCode;
 CARD32 xkbDebugFlags = 0;
 static CARD32 xkbDebugCtrls = 0;
 
-static RESTYPE RT_XKBCLIENT;
+RESTYPE RT_XKBCLIENT = 0;
 
 /***====================================================================***/
 
diff --git a/xkb/xkbsrv_priv.h b/xkb/xkbsrv_priv.h
index 8a9592314..c7fb2b2ae 100644
--- a/xkb/xkbsrv_priv.h
+++ b/xkb/xkbsrv_priv.h
@@ -8,6 +8,8 @@
 
 #include "xkbsrv.h"
 
+extern RESTYPE RT_XKBCLIENT;
+
 void xkbUnwrapProc(DeviceIntPtr, DeviceHandleProc, void *);
 
 void XkbForceUpdateDeviceLEDs(DeviceIntPtr keybd);