From 1e9cc606932429e4eb5e60423e9a7e1c0eb8547f Mon Sep 17 00:00:00 2001
From: Julian Orth <ju.orth@gmail.com>
Date: Sat, 7 May 2022 19:59:51 +0200
Subject: [PATCH] wayland: prevent unprivileged clients from binding secure
 globals

---
 src/globals.rs         | 12 ++++++++++--
 src/ifs/wl_registry.rs |  8 +++-----
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/src/globals.rs b/src/globals.rs
index 89cf6fd0..cd3a20ed 100644
--- a/src/globals.rs
+++ b/src/globals.rs
@@ -174,8 +174,16 @@ impl Globals {
         self.broadcast(state, global.secure(), |r| r.send_global(&global));
     }
 
-    pub fn get(&self, name: GlobalName) -> Result<Rc<dyn Global>, GlobalsError> {
-        self.take(name, false)
+    pub fn get(
+        &self,
+        name: GlobalName,
+        allow_secure: bool,
+    ) -> Result<Rc<dyn Global>, GlobalsError> {
+        let global = self.take(name, false)?;
+        if global.secure() && !allow_secure {
+            return Err(GlobalsError::GlobalDoesNotExist(name));
+        }
+        Ok(global)
     }
 
     pub fn remove<T: WaylandGlobal>(&self, state: &State, global: &T) -> Result<(), GlobalsError> {
diff --git a/src/ifs/wl_registry.rs b/src/ifs/wl_registry.rs
index dcc72ae7..50b3a501 100644
--- a/src/ifs/wl_registry.rs
+++ b/src/ifs/wl_registry.rs
@@ -44,11 +44,9 @@ impl WlRegistry {
 
     fn bind(&self, parser: MsgParser<'_, '_>) -> Result<(), WlRegistryError> {
         let bind: Bind = self.client.parse(self, parser)?;
-        let global = self
-            .client
-            .state
-            .globals
-            .get(GlobalName::from_raw(bind.name))?;
+        let name = GlobalName::from_raw(bind.name);
+        let globals = &self.client.state.globals;
+        let global = globals.get(name, self.client.secure)?;
         if global.interface().name() != bind.interface {
             return Err(WlRegistryError::InvalidInterface(InterfaceError {
                 name: global.name(),