aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Remove dead USE_OWN_COMPOSE-protected codeRan Benita2016-10-192-174/+0
| | | | | | | | | | | | The build doesn't provide any way to define this option. It also refers to files (imComp.h) and functions (e.g. XimCompInitTables(), XimCompProcessSym()) which are not found anywhere, and the ordinary Compose implementation in xim doesn't use any of it. Signed-off-by: Ran Benita <ran234@gmail.com> Reviewed-by: Julien Cristau <jcristau@debian.org> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Fix typos in Xrm.c commentsAlan Coopersmith2016-10-191-2/+2
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* _XkbReadGeomOverlay: check for NULL first, then use pointerAlan Coopersmith2016-10-191-1/+1
| | | | | | | | | | Flagged by cppcheck 1.62: [lib/libX11/nx-X11/lib/X11/XKBGeom.c:479] -> [lib/libX11/nx-X11/lib/X11/XKBGeom.c:480]: (warning) Possible null pointer dereference: row - otherwise it is redundant to check it against null. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* XkbSelectEventDetails: remove unnecessary assignmentsAlan Coopersmith2016-10-191-3/+0
| | | | | | | | | clear & selectAll are set to 0 already a few lines earlier, affectWhich is set to XkbMapNotifyMask a few lines later. None are used between the other assignments and the removed ones. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Don't try so hard to find a matching font with the given encodingJon TURNEY2016-10-191-1/+1
| | | | | | | | | | | | | | | | | | | | | See http://sourceware.org/bugzilla/show_bug.cgi?id=10948 Currently, if the locale is UTF-8, no CJK fonts are installed, and someone does XCreateFontSet() with a font name of "*", we end up asking the server to list the (non-existent) fonts 11 times for each CJK encoding, which can take a while. A * wildcard can match multiple components in a XLFD name in XListFonts(), so there's no need to try adding more than one to get a match. We do try once with a leading '*-' in case the fontname isn't a full well-formed XLFD name, maybe even that isn't needed? (See also http://invisible-island.net/xterm/xterm.faq.html#slow_menus) Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* unifdef -UISCAlan Coopersmith2016-10-192-27/+0
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Drop X_LOCALE fallback for OS'es without setlocale()Alan Coopersmith2016-10-1912-4242/+1
| | | | | | | | | | | | | | C89 or bust! This was documented as being needed for "only Lynx, Linux-libc5, OS/2" and has never been enabled in modular builds, since none of those platforms have had anyone step up to add support since the X11R7 conversion to autotools. Mostly performed with unifdef -UX_LOCALE, followed by removal of files left without any purpose, and manual cleanup of remaining references. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Adam Jackson <ajax@redhat.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Bug 68413 - [Bisected]Error in `xterm': realloc(): invalid next sizeAlan Coopersmith2016-10-191-1/+1
| | | | | | | Pass *new* size to realloc, not old size. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Stop checking for HAVE_DIX_CONFIG_H on the client sideAlan Coopersmith2016-10-194-12/+4
| | | | | | | | | Leftover from when these XKB files were shared with the server sources and could be compiled in either the client or server, with the different autoconf config files in each. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Rearrange some variable declarations & initializations in XKBAlan Coopersmith2016-10-1912-94/+66
| | | | | | | | Little things noticed during XKB restyling that seemed to make the code easier to read. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Reindent XKB code to X.Org standard styleAlan Coopersmith2016-10-1922-8341/+8714
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Fix overflow checks in _XkbReadKeySyms when key_sym_map is already createdAlan Coopersmith2016-10-191-5/+4
| | | | | | | | | | | | | | | | | | | | We were checking to make sure that the largest keysym value was within the range of the allocated buffer, but checking against different limits in the not-yet-allocated vs. the already-allocated branches. The check should be the same in both, and reflect the size used for the allocation, which is based on the maximum key code value, so we move it to be a common check, before we branch, instead of duplicating in each branch. map->key_sym_map is an array of XkbSymMapRec structs, [0..max_key_code] map->syms is the array for which num_syms is recorded, hence is not the right value to check for ensuring our key_sym_map accesses are in range. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reported-by: Barry Kauler <bkauler@gmail.com> Tested-by: Barry Kauler <bkauler@gmail.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Remove long unused udcInf.cAlan Coopersmith2016-10-191-715/+0
| | | | | | | | | I can find no record of what this file was for. Neither the X11R6.8.2 monolith Imakefile nor any modular release Makefile.am have ever built it and nothing else references it. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Remove unnecessary casts of pointers to (char *) in calls to Xfree()Alan Coopersmith2016-10-1959-230/+230
| | | | | | | | Left one cast behind that is necessary to change from const char * to char * in nx-X11/lib/X11/lcCharSet.c. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Don't cast sizeof() results to unsigned when passing to Xmalloc/XcallocAlan Coopersmith2016-10-194-9/+7
| | | | | | | | sizeof() returns size_t, malloc() & calloc() expect sizes in size_t, don't strip down to unsigned int and re-expand unnecessarily. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Remove even more casts of return values from Xmalloc/XreallocAlan Coopersmith2016-10-1947-213/+209
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* xlibi18n: fix argsize argument to _XlcParsePathAlan Coopersmith2016-10-191-2/+2
| | | | | | | | | | | | | | | | | | | | | The array is defined as having NUM_LOCALEDIR entries, so use that instead of hardcoded 256 value (the other two calls already did this). Reported by parfait: Buffer overflow (CWE 120): In pointer dereference of argv[argc] with index argc Pointer size is 64 elements (of 8 bytes each), index is 255 at line 82 of nx-X11/lib/X11/lcFile.c in function 'parse_line'. called at line 178 in function '_XlcParsePath' with argv = argv. called at line 722 in function '_XlcLocaleLibDirName' with argv = args, argsize = 256. at line 82 of nx-X11/lib/X11/lcFile.c in function 'parse_line'. called at line 178 in function '_XlcParsePath' with argv = argv. called at line 638 in function '_XlcLocaleDirName' with argv = args, argsize = 256. [ This bug was found by the Parfait 1.2.0 bug checking tool. http://labs.oracle.com/pls/apex/f?p=labs:49:::::P49_PROJECT_ID:13 ] Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* i18n modules: Fix some const cast warningsAlan Coopersmith2016-10-192-3/+3
| | | | | | | | | | | | imRm.c: In function '_XimSetICMode': imRm.c:2419:37: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] imRm.c:2420:30: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] lcGenConv.c: In function 'byteM_parse_codeset': lcGenConv.c:345:13: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* xlibi18n: Fix a bunch of const cast warningsAlan Coopersmith2016-10-194-20/+17
| | | | | | | | Add const qualifiers to casts where needed, remove other casts that are no longer needed. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Fix const handling in XSetLocaleModifiersAlan Coopersmith2016-10-191-5/+5
| | | | | | | | | | | | | | Instead of reusing the input parameter to store the output, make a result variable instead, so that there's less const confusion. Fixes gcc warnings: lcWrap.c: In function 'XSetLocaleModifiers': lcWrap.c:87:18: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] lcWrap.c:91:25: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] lcWrap.c:93:12: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Constify lc_name argument to _XlcLocaleDirName() & _XlcLocaleLibDirName()Alan Coopersmith2016-10-193-61/+35
| | | | | | | | | | | | Makes code considerably less crufty and clears gcc warnings: XlcDL.c: In function '_XlcDynamicLoad': XlcDL.c:384:44: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] XlcDL.c:386:51: warning: cast discards '__attribute__((const))' qualifier from pointer target type [-Wcast-qual] Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* init_om: remove unneeded extra copy of string to local bufferAlan Coopersmith2016-10-191-11/+4
| | | | | | | | | | | | | | Strings from the supported_charset_list[] were being copied one by one to a stack buffer, and then strdup called on that buffer. Instead, just strdup the original string, without the local copy, and use a more traditional for loop, so it's easier to figure out what the code is doing (cleaning up a gcc const-cast warning in the process). Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Delete unused XKB_INSURE_SIZE macro from XKBlibint.hAlan Coopersmith2016-10-191-6/+0
| | | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* miRegionOp(): ensure region size is not updated if realloc failsAlan Coopersmith2016-10-191-2/+3
| | | | | | | | | | | | | This function performs operations on a region, and when finished, checks to see if it should compact the rectangle list. If the number of rectangles for which memory is allocated in the list is more than twice the number used, it tries to shrink. realloc() should not fail in this case, but if it does, might as well keep the correct value for the number of allocated rectangles, so we don't try to grow it unnecessarily later if adding to the region. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* miRegionCopy(): handle realloc failure betterAlan Coopersmith2016-10-191-8/+9
| | | | | | | | | | | Zero out the region size when freeing the region so callers don't think there's anything there. (Pointer is already set to NULL from the realloc result itself.) Return 0 to the callers, and have them cascade that back to their callers to indicate failure, instead of their usual return value of 1 on success. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Avoid memory leak/corruption if realloc fails in Xregion.h:MEMCHECK macroAlan Coopersmith2016-10-191-3/+4
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Avoid memory leak/corruption if realloc fails in imLcPrs.c:parseline()Alan Coopersmith2016-10-191-10/+25
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* lcDB.c: ensure buffer size is updated correctly if realloc failsAlan Coopersmith2016-10-191-2/+3
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Avoid memory leak/corruption if realloc fails in XlcDL.c:resolve_object()Alan Coopersmith2016-10-191-5/+6
| | | | | | | | | | | Previously, if realloc failed to increase the size, we'd still record that we had allocated the larger size, but the pointer to it would be NULL, causing future calls to be broken, and the previous allocation to be lost/leaked. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* omGeneric.c: convert sprintf calls to snprintfAlan Coopersmith2016-10-191-10/+11
| | | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* ximcp/imRm.c: convert sprintf calls to snprintfAlan Coopersmith2016-10-191-14/+30
| | | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* xlibi18n: convert sprintf calls to snprintfAlan Coopersmith2016-10-195-57/+51
| | | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* lcfile: skip over any null entries in args listAlan Coopersmith2016-10-191-20/+15
| | | | | | | | | | | | | | | | | | Previous code seemed to assume that printf("%s", NULL) would result in a 0-length string, not "(null)" or similar, but since there's no point looking for files in "(null)/filepath...", instead we just skip over NULL entries in search paths when generating file names. In the *DirName() functions, this effectively just moves the "bail on NULL in arg[i]" check up from the later code that assigned it to targetdir and then bailed if that was NULL. Not sure how there ever could be a NULL in arg[i], given the current implementation of XlcParsePath, but it's easy enough to check once and reject up front instead of on every reference. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Fix file leak on malloc error in XlcDL.c:resolve_object()Alan Coopersmith2016-10-191-1/+3
| | | | | | | | | | | | | File Leak: Leaked File fp at line 219 of lib/libX11/nx-X11/lib/X11/XlcDL.c in function 'resolve_object'. fp initialized at line 198 with fopen [ This bug was found by the Parfait 1.2.0 bug checking tool. http://labs.oracle.com/pls/apex/f?p=labs:49:::::P49_PROJECT_ID:13 ] Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Fix bogus timestamp generated by XIMISHIKAWA,chiaki2016-10-192-0/+21
| | | | | | | | | | Fix bogus timestamp generted by XIM due to uninitialized data field. Also set appropriate serial, too. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=39367 Signed-off-by: Chiaki ISHIKAWA <ishikawa@yk.rim.or.jp> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* XIM: Fix race on focus change: set 'FABRICATED' only when keyev filters in ↵Egbert Eich2016-10-191-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | place. When synthesized key events are sent on commit XIM sets the 'fabricated' flag so that the keypress handler knows that these were not real events. This also happens when committing due to the loss of focus. However in this case the keypress/release filters which consume and unset this flag are no longer in the filter chain. So the flag is erronously set when a real keyboard event is received after focus has been regained. So the first event is wrongly treated as a fabricated key in the keypress handler which will at the same time reset the flag so the second key event is treated correctly. This fix only sets the flag when at least one of the keyboard filters is in place. How to reproduce this bug: run scim, choose a Japanese input method start two instances of xterm: start typing in one xterm (this should pop up an IM window). Without comitting (hitting 'enter') move focus to the other xterm, then move focus back. Start typing again. The first character will be committed immediately without popping up an input window. With this fix this behavior is gone. See also: https://bugzilla.novell.com/show_bug.cgi?id=239698 Signed-off-by: Egbert Eich <eich@freedesktop.org> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* omGeneric: remove space between struct name & member nameAlan Coopersmith2016-10-191-1/+1
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* XSetModifierMapping: Use Data instead of GetReqExtraAlan Coopersmith2016-10-191-9/+3
| | | | | | | | Handle arbitrary length data in the same fashion as other calls, avoiding need to ensure it fits all in the request buffer. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* libX11: check size of GetReqExtra after XFlushKees Cook2016-10-192-3/+15
| | | | | | | | | | | | | | | | | | | | | | | Two users of GetReqExtra pass arbitrarily sized allocations from the caller (ModMap and Host). Adjust _XGetRequest() (called by the GetReqExtra macro) to double-check the requested length and invalidate "req" when this happens. Users of GetReqExtra passing lengths greater than the Xlib buffer size (normally 16K) must check "req" and fail gracefully instead of crashing. Any callers of GetReqExtra that do not check "req" for NULL will experience this change, in the pathological case, as a NULL dereference instead of a buffer overflow. This is an improvement, but the documentation for GetReqExtra has been updated to reflect the need to check the value of "req" after the call. Bug that manifested the problem: https://bugs.launchpad.net/ubuntu/+source/x11-xserver-utils/+bug/792628 Signed-off-by: Kees Cook <kees@outflux.net> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Tighten out-of-range comparisons.Thomas Klausner2016-10-194-4/+4
| | | | | | | | | | | | | [For all of these, LONG_MAX was the correct value to prevent overflows for the recent CVEs. Lowering to INT_MAX catches buggy replies from the server that 32-bit clients would reject but 64-bit would accept, so we catch bugs sooner, and really, no sane & working server should ever report more than 2gb of extension names, font path entries, key modifier maps, etc. -alan- ] Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Fix out-of-range comparison in _XF86BigfontQueryFontThomas Klausner2016-10-191-1/+1
| | | | | | | | | | | | | | | | | clang complained (correctly): warning: comparison of constant 768614336404564650 with expression of type 'CARD32' (aka 'unsigned int') is always true [-Wtautological-constant-out-of-range-compare] [While LONG_MAX is correct, since it's used in size_t math, the numbers have to be limited to 32-bit range to be usable by 32-bit clients, and values beyond that range are far more likely to be bugs in the data from the server than valid numbers of characters in a font. -alan- ] Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Check for symbol existence with #ifdef, not #ifThomas Klausner2016-10-191-1/+1
| | | | | | | Reviewed-by: Jamey Sharp <jamey@minilop.net> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Stop truncating source to destination length if it is larger.Thomas Klausner2016-10-191-28/+0
| | | | | | | | | | It seems useless to do that since the code tests for both source length and destination to be non-zero. This fixes a cut'n'paste problem in xterm where the paste length was limited to 1024 (BUFSIZ) in button.c. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Require ANSI C89 pre-processor, drop pre-C89 token pasting supportAlan Coopersmith2016-10-193-40/+0
| | | | | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* update Xfuncproto.hUlrich Sibiller2016-10-191-4/+65
|
* Align files with upstream libX11-1.6.0Ulrich Sibiller2016-10-1942-194/+190
| | | | | | | | | | | | This commit looks a bit crazy at first glance. It (re-)introduces lots of whitespaces and bad formatting. Explanation: Backporting upstream changes lead to commits being applied out of order. This meant a lot of manual intervention which in turn lead to slight differences between upstream and NX. With this commit these slight differences are minimized which will be of great help when adding further upstream patches.
* Tell clang not to report -Wpadded warnings on public headers we can't fixAlan Coopersmith2016-10-194-0/+48
| | | | | | | Better to silence the compiler warning than break ABI. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* Zero buffer data in BufAlloc()Adam Jackson2016-10-191-1/+1
| | | | | | | | | | | Inspired by a pattern in NoMachine's NX. Consistently zeroed buffers compress better with ssh and friends. Note that you'll need to rebuild all your protocol libraries to take advantage of this. Signed-off-by: Adam Jackson <ajax@redhat.com> Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* GetProp: Zero-initialized error so its resourceID field is initializedErkki Seppälä2016-10-191-1/+1
| | | | | | | | | | Using uninitialized value "error.resourceID" in call to function "_XError" Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Erkki Seppälä <erkki.seppala@vincit.fi> Signed-off-by: Ander Conselvan de Oliveira <ander.conselvan-de-oliveira@nokia.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
* integer overflow in ReadInFile() in Xrm.c [CVE-2013-1981 7/13]Alan Coopersmith2016-10-191-2/+4
| | | | | | | | | | | | | | | | | | Called from XrmGetFileDatabase() which gets called from InitDefaults() which gets the filename from getenv ("XENVIRONMENT") If file is exactly 0xffffffff bytes long (or longer and truncates to 0xffffffff, on implementations where off_t is larger than an int), then size may be set to a value which overflows causing less memory to be allocated than is written to by the following read() call. size is left limited to an int, because if your Xresources file is larger than 2gb, you're very definitely doing it wrong. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>