aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* MakeBigReq: don't move the last word, already handled by Data32 (X.Org ↵Karl Tomlinson2015-04-161-2/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2013-7439). MakeBigReq inserts a length field after the first 4 bytes of the request (after req->length), pushing everything else back by 4 bytes. The current memmove moves everything but the first 4 bytes back. If a request aligns to the end of the buffer pointer when MakeBigReq is invoked for that request, this runs over the buffer. Instead, we need to memmove minus the first 4 bytes (which aren't moved), minus the last 4 bytes (so we still align to the previous tail). The 4 bytes that fell out are already handled with Data32, which will handle the buffermax correctly. The case where req->length = 1 was already not functional. Reported by Abhishek Arya <inferno@chromium.org> (against X.Org BTS). https://bugzilla.mozilla.org/show_bug.cgi?id=803762 Reviewed-by: Jeff Muizelaar <jmuizelaar@mozilla.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Rebased-for-NX: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* old-arch cleanup: Drop CRAY support (i.e., drop code related to CRAY, _CRAY, ↵Mike Gabriel2015-04-1653-1031/+26
| | | | WORD64, WORD64ALIGN, MUSTCOPY, UNSIGNEDBITFIELDS definitions).
* drop: nx-X11/config/util/ (not needed at build time).Mike Gabriel2015-04-1449-6480/+1
|
* imake clean-up: nx-X11/config/Imakefile (drop BuildDPSLibrary related ↵Mike Gabriel2015-04-141-4/+1
| | | | build-logic).
* fix for libXpm4-cleanupMike Gabriel2015-04-111-1/+0
|
* fix for ebe00df38f264ef71dac3c73d416a74685c8cbd2 (removal of DmxLibrary)Mike Gabriel2015-04-081-4/+0
|
* Merge branch 'feature/other-Xserver-cleanup' into arctica-3.6.xMihai Moldovan2015-04-0529-7058/+23
|\ | | | | | | Attributes GH PR #8: https://github.com/ArcticaProject/nx-libs/pull/8
| * imake clean: Remove (probably incomplete) support for NXZaurusXServer, ↵Mike Gabriel2015-04-051-54/+0
| | | | | | | | NXiPAQXServer.
| * imake cleanup: nx-X11/programs/Xserver/Imakefile (drop non-provided Xserver ↵Mike Gabriel2015-04-051-286/+1
| | | | | | | | variants)
| * imake cleanup: nx-X11/programs/Imakefile (reduce to minimal).Mike Gabriel2015-04-041-136/+0
| |
| * imake cleanup: Drop all references to BuildFontServer.Mike Gabriel2015-04-048-44/+2
| |
| * imake cleanup: Drop all references to XprtServer and BuildXprint*.Mike Gabriel2015-04-0423-4368/+12
| |
| * imake cleanup: Drop all references to XdmxServer and BuildXdmx*.Mike Gabriel2015-04-0415-1934/+8
| |
| * imake cleanup: Drop all references to XVirtualFramebufferServer.Mike Gabriel2015-04-049-74/+3
| |
| * imake cleanup: Drop all references to XNestServer.Mike Gabriel2015-04-0410-76/+7
| |
| * imake cleanup: Drop all references to XWinServer.Mike Gabriel2015-04-043-99/+3
|/
* nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c.Mihai Moldovan2015-03-292-65/+93
| | | | Cherry-picked from branch 3.5.0.x.
* debian/changelog: sync with 3.5.0.x branch.Mihai Moldovan2015-03-291-0/+7
|
* nx-X11: fix typo in previous commit.Mihai Moldovan2015-03-291-1/+1
| | | | Cherry-picked from branch 3.5.0.x.
* nx-X11: handle source pictures (those without a Drawable surface) gracefully.Mihai Moldovan2015-03-294-20/+89
| | | | | | | | | | | | | | | | | | | Cherry-picked from branch 3.5.0.x. This is basically a merge of the most current xorg-server (1.17.1) code into nx-X11. It makes sure that for source pictures, which do not have a drawable surface, a filter is selected that is supported on the "main" and all other screens. Alternatively, if the requested filter is not available on all screens and the picture is a source picture, this function fails gracefully. Additionally, the ChangePictureFilter hook is now called for non-source pictures. This also needs an implementation in mipict.{c,h}. The default hook does nothing and returns a success value.
* debian/changelog: sync with 3.5.0.x branch.Mihai Moldovan2015-03-261-3/+47
|
* nxcomp{,ext,shad}: only use the first three numbers in the full version for ↵Mihai Moldovan2015-03-263-3/+6
| | | | current_version on OS X. ld(1) on 10.6 fails otherwise.
* nx-libs.spec: add overlooked Obsolete: statement to libNX_Xfixes3.Mihai Moldovan2015-03-172-0/+2
| | | | Cherry-picked from branch 3.5.0.x.
* nx-libs.spec: Versioned libXcomp* should obsolete unversioned libXcomp*, not ↵Mihai Moldovan2015-03-172-3/+10
| | | | | | | | | libNX_Xcomp*. Cherry-picked from branch 3.5.0.x. Conflicts: debian/changelog
* nx{comp{,ext,shad},proxy}: try really hard to find makedepend. Do not fail ↵Mihai Moldovan2015-03-168-8/+48
| | | | if it is not available.
* nxcomp{,ext,shad}: use the correct library naming scheme on OS X. It differs ↵Clemens Lang2015-03-154-19/+45
| | | | from other UNIX-based systems.
* nxcomp{,shad}: fix dynamic library linking on OS X. Use -dynamiclib instead ↵Clemens Lang2015-03-153-4/+5
| | | | of -bundle.
* nx{comp{,ext,shad},proxy}: use path discovery for finding makedepend. Remove ↵Clemens Lang2015-03-155-58/+6
| | | | old cruft.
* debian/changelog: fix wrong signature.Mihai Moldovan2015-03-151-1/+1
|
* debian/changelog: merge with 3.5.0.x release branch.Mihai Moldovan2015-03-151-4/+43
|
* README.md: Fix typo, update date.Mike Gabriel2015-03-131-2/+2
|
* README.md markdown fixupMike Gabriel2015-03-131-15/+16
|
* README.md: Add 3.6.x release goals.Mike Gabriel2015-03-131-0/+12
|
* Makefile: clean-up auto-generated nxversion.def in clean rule (not in build ↵Mike Gabriel2015-03-051-3/+5
| | | | rule).
* nx-X11/**: Drop non-imake Makefile* files.Mike Gabriel2015-03-047-951/+0
|
* nx-X11/config/cf/X11.tmpl: Fix imake warning ("UseInstalledOnCrossCompile" ↵Mike Gabriel2015-03-041-0/+2
| | | | is not defined).
* Merge pull request #4 from sunweaver/feature/libxpm-cleanupMike Gabriel2015-03-0441-9722/+26
|\ | | | | | | | | | | | | | | | | | | | | | | library clean-up: Don't build libNX_Xpm anymore. Use system's libXpm shared library. One release goal for version 3.6.x of nx-libs is dropping as many bundled libraries as possible that haven't been adapted to nx-libs. Starting with libNX_Xpm here. The libNX_Xpm library is only referenced once (nx-X11/programs/Xserver/hw/nxagent/Holder.c). When grepping through Xserver/hw/nxagent the suspicion comes up, that the libXpm linkage is not needed at all, because none of the provided functions are used inside the nxagent Xserver.
| * library clean-up: Don't build libNX_Xpm anymore. Use system's libXpm shared ↵Mike Gabriel2015-03-0341-9722/+26
|/ | | | library.
* Drop unused .cvsignore filesMike DePaulo2015-02-183-73/+0
|
* Update changelog for the CVE-2015-0255 commit and its 3 prereq commitsMike DePaulo2015-02-181-0/+8
|
* Fix symlink to renamed README.md.Mike Gabriel2015-02-181-1/+1
|
* README.md: Mention the TheQVD project as collaborator on NX.Mike Gabriel2015-02-181-2/+6
|
* rename README.txt to README.mdMike Gabriel2015-02-181-0/+0
|
* switch symlink and real fileMike Gabriel2015-02-182-33/+33
|
* Add README.txt symlink to README.NX-development (to have it shown on the ↵Mike Gabriel2015-02-181-0/+1
| | | | Github summary page).
* xkb: Check strings length against request sizeOlivier Fourdan2015-02-171-25/+41
| | | | | | | | | | | | | | | Ensure that the given strings length in an XkbSetGeometry request remain within the limits of the size of the request. v3: backport to nx-libs 3.6.x because this is the CVE-2015-0255 fix (Mike DePaulo) Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> (cherry picked from commit 20079c36cf7d377938ca5478447d8b9045cb7d43) (cherry picked from commit f160e722672dbb2b5215870b47bcc51461d96ff1) Signed-off-by: Julien Cristau <jcristau@debian.org>
* xkb: Don't swap XkbSetGeometry data in the input bufferOlivier Fourdan2015-02-171-16/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | The XkbSetGeometry request embeds data which needs to be swapped when the server and the client have different endianess. _XkbSetGeometry() invokes functions that swap these data directly in the input buffer. However, ProcXkbSetGeometry() may call _XkbSetGeometry() more than once (if there is more than one keyboard), thus causing on swapped clients the same data to be swapped twice in memory, further causing a server crash because the strings lengths on the second time are way off bounds. To allow _XkbSetGeometry() to run reliably more than once with swapped clients, do not swap the data in the buffer, use variables instead. v3: backport to nx-libs 3.6.x as a prereq for the CVE-2015-0255 fix (Mike DePaulo) Signed-off-by: Olivier Fourdan <ofourdan@redhat.com> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> (cherry picked from commit 81c90dc8f0aae3b65730409b1b615b5fa7280ebd) (cherry picked from commit 29be310c303914090298ddda93a5bd5d00a94945) Signed-off-by: Julien Cristau <jcristau@debian.org> index 2405090..7db0959 100644
* include: introduce byte counting functions.Peter Hutterer2015-02-171-0/+30
| | | | | | | | | | | | | | | | | | | | This patch adds the following three functions: bits_to_bytes(bits) - the number of bytes needed to hold 'bits' bytes_to_int32(bytes) - the number of 4-byte units to hold 'bytes' pad_to_int32(bytes) - the closest multiple of 4 equal to or larger than 'bytes'. All three operations are common in protocol processing and currently the server has ((foo + 7)/8 + 3)/4 operations all over the place. A common set of functions reduce the error rate of these (albeit simple) calculations and improve readability of the code. The functions do not check for overflow. v2: backport to nx-libs 3.6.x as a prereq for the CVE-2015-0255 fix (Mike DePaulo) Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
* Coverity #844, #845, #846: Fix memory leaks.Daniel Stone2015-02-171-3/+19
| | | | | v2: backport to nx-libs 3.6.x as a prereq for the CVE-2015-0255 fix (Mike DePaulo)
* Merge pull request #3 from sunweaver/feature/nxagent-version-v2Mike Gabriel2015-02-178-6/+93
|\ | | | | Make nxagent aware of its NX'ish version string (and number).