aboutsummaryrefslogtreecommitdiff
path: root/nx-X11/programs/Xserver/dbe
Commit message (Collapse)AuthorAgeFilesLines
* Clear header file namespace separation (<X11/...> vs. <nx-X11/...>).Mike Gabriel2015-12-283-5/+5
| | | | | | | | | | | | | | | | | | | | In the process of building nxagent against more and more system-wide installed X.org libraries, we come to the limit of including structs from this (bundled nx-X11) and that (system-wide X.Org) library. This commit introduces a clear namespace separation of headers provided by nx-X11 and headers provided by X.Org. This approach is only temporary as we want to drop all nx-X11 bundled libraries from nx-libs. However, for a while we need to make this separation clear and also ship some reduced fake X.Org headers that avoid pulling in libX* and libNX_X* symbols at the same time. This patch has been tested on Debian jessie and unstable and requires no overall testing on various distros and distro versions, as we finally will drop all libNX_X* libraries and build against X.org's client libs. For now, this hack eases our development / cleanup process.
* Replace 'pointer' type with 'void *'Keith Packard2015-12-283-23/+23
| | | | | | | | | | This lets us stop using the 'pointer' typedef in Xdefs.h as 'pointer' is used throughout the X server for other things, and having duplicate names generates compiler warnings. Signed-off-by: Keith Packard <keithp@keithp.com> Reviewed-by: Eric Anholt <eric@anholt.net> Rebased against NX: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* dbe: unvalidated lengths in DbeSwapBuffers calls [CVE-2014-8097]Alan Coopersmith2015-02-141-3/+8
| | | | | | | | | | | | | | | | | | | | | | ProcDbeSwapBuffers() has a 32bit (n) length value that it uses to read from a buffer. The length is never validated, which can lead to out of bound reads, and possibly returning the data read from out of bounds to the misbehaving client via an X Error packet. SProcDbeSwapBuffers() swaps data (for correct endianness) before handing it off to the real proc. While doing the swapping, the length field is not validated, which can cause memory corruption. v2: reorder checks to avoid compilers optimizing out checks for overflow that happen after we'd already have done the overflowing multiplications. v3: backport to nx-libs 3.6.x (Mike DePaulo) Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Conflicts: dbe/dbe.c
* Imported nx-X11-3.1.0-1.tar.gznx-X11/3.1.0-1Reinhard Tartler2011-10-108-0/+3360
Summary: Imported nx-X11-3.1.0-1.tar.gz Keywords: Imported nx-X11-3.1.0-1.tar.gz into Git repository