From 5a73cea6aebc44f2ce0e6fe5294898968f13d36c Mon Sep 17 00:00:00 2001
From: "Enrico Weigelt, metux IT consult" <info@metux.net>
Date: Thu, 17 Apr 2025 17:35:37 +0200
Subject: [PATCH] (!1920) Xres: XResQueryClients: enable security filtering

Pass each client we're considering to report through XaceHookClientAccess(),
so security extensions have a chance to filter them out.

Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
---
 Xext/xres.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/Xext/xres.c b/Xext/xres.c
index 90f8bc285..8aa1588a1 100644
--- a/Xext/xres.c
+++ b/Xext/xres.c
@@ -13,6 +13,7 @@
 
 #include "dix/registry_priv.h"
 #include "os/client_priv.h"
+#include "Xext/xace.h"
 
 #include "misc.h"
 #include "os.h"
@@ -230,8 +231,10 @@ ProcXResQueryClients(ClientPtr client)
     num_clients = 0;
     for (i = 0; i < currentMaxClients; i++) {
         if (clients[i]) {
-            current_clients[num_clients] = i;
-            num_clients++;
+            if (XaceHookClientAccess(client, clients[i], DixReadAccess) == Success) {
+                current_clients[num_clients] = i;
+                num_clients++;
+            }
         }
     }