aboutsummaryrefslogtreecommitdiff
path: root/xorg-server/Xext/xace.c
diff options
context:
space:
mode:
authormarha <marha@users.sourceforge.net>2012-01-11 08:55:02 +0100
committermarha <marha@users.sourceforge.net>2012-01-11 08:57:05 +0100
commita73c45b7c72c6e426e1c75dd939f5481227b6979 (patch)
treeaba5ced82f492a7e28dfa683144dfbd6293d9613 /xorg-server/Xext/xace.c
parentd60b5206a10c9d547a7230a991593b516e412204 (diff)
parent38e661c7d82fa0b34fbe9b3f3261295787bb6427 (diff)
downloadvcxsrv-a73c45b7c72c6e426e1c75dd939f5481227b6979.tar.gz
vcxsrv-a73c45b7c72c6e426e1c75dd939f5481227b6979.tar.bz2
vcxsrv-a73c45b7c72c6e426e1c75dd939f5481227b6979.zip
Merge remote-tracking branch 'origin/released'
Conflicts: pixman/pixman/pixman-trap.c xorg-server/Xext/xace.c xorg-server/dix/dispatch.c xorg-server/hw/xwin/winclipboardthread.c xorg-server/hw/xwin/winengine.c xorg-server/hw/xwin/winwin32rootlesswindow.c xorg-server/include/dixstruct.h xorg-server/os/connection.c
Diffstat (limited to 'xorg-server/Xext/xace.c')
-rw-r--r--xorg-server/Xext/xace.c662
1 files changed, 333 insertions, 329 deletions
diff --git a/xorg-server/Xext/xace.c b/xorg-server/Xext/xace.c
index 77b713ffb..69cb2bbdb 100644
--- a/xorg-server/Xext/xace.c
+++ b/xorg-server/Xext/xace.c
@@ -1,329 +1,333 @@
-/************************************************************
-
-Author: Eamon Walsh <ewalsh@tycho.nsa.gov>
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-this permission notice appear in supporting documentation. This permission
-notice shall be included in all copies or substantial portions of the
-Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-********************************************************/
-
-#ifdef HAVE_DIX_CONFIG_H
-#include <dix-config.h>
-#else
-#define XACE
-#endif
-
-#include <stdarg.h>
-#include "scrnintstr.h"
-#include "extnsionst.h"
-#include "pixmapstr.h"
-#include "regionstr.h"
-#include "gcstruct.h"
-#include "xacestr.h"
-
-#define XSERV_t
-#define TRANS_SERVER
-#include <X11/Xtrans/Xtrans.h>
-#include "../os/osdep.h"
-
-_X_EXPORT CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
-
-/* Special-cased hook functions. Called by Xserver.
- */
-int XaceHookDispatch(ClientPtr client, int major)
-{
- /* Call the audit begin callback, there is no return value. */
- XaceAuditRec rec = { client, 0 };
- CallCallbacks(&XaceHooks[XACE_AUDIT_BEGIN], &rec);
-
- if (major < 128) {
- /* Call the core dispatch hook */
- XaceCoreDispatchRec rec = { client, Success /* default allow */ };
- CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec);
- return rec.status;
- } else {
- /* Call the extension dispatch hook */
- ExtensionEntry *ext = GetExtensionEntry(major);
- XaceExtAccessRec rec = { client, ext, DixUseAccess, Success };
- if (ext)
- CallCallbacks(&XaceHooks[XACE_EXT_DISPATCH], &rec);
- /* On error, pretend extension doesn't exist */
- return (rec.status == Success) ? Success : BadRequest;
- }
-}
-
-int XaceHookPropertyAccess(ClientPtr client, WindowPtr pWin,
- PropertyPtr *ppProp, Mask access_mode)
-{
- XacePropertyAccessRec rec = { client, pWin, ppProp, access_mode, Success };
- CallCallbacks(&XaceHooks[XACE_PROPERTY_ACCESS], &rec);
- return rec.status;
-}
-
-int XaceHookSelectionAccess(ClientPtr client,
- Selection **ppSel, Mask access_mode)
-{
- XaceSelectionAccessRec rec = { client, ppSel, access_mode, Success };
- CallCallbacks(&XaceHooks[XACE_SELECTION_ACCESS], &rec);
- return rec.status;
-}
-
-void XaceHookAuditEnd(ClientPtr ptr, int result)
-{
- XaceAuditRec rec = { ptr, result };
- /* call callbacks, there is no return value. */
- CallCallbacks(&XaceHooks[XACE_AUDIT_END], &rec);
-}
-
-/* Entry point for hook functions. Called by Xserver.
- */
-int XaceHook(int hook, ...)
-{
- union {
- XaceResourceAccessRec res;
- XaceDeviceAccessRec dev;
- XaceSendAccessRec send;
- XaceReceiveAccessRec recv;
- XaceClientAccessRec client;
- XaceExtAccessRec ext;
- XaceServerAccessRec server;
- XaceScreenAccessRec screen;
- XaceAuthAvailRec auth;
- XaceKeyAvailRec key;
- } u;
- int *prv = NULL; /* points to return value from callback */
- va_list ap; /* argument list */
- va_start(ap, hook);
-
- /* Marshal arguments for passing to callback.
- * Each callback has its own case, which sets up a structure to hold
- * the arguments and integer return parameter, or in some cases just
- * sets calldata directly to a single argument (with no return result)
- */
- switch (hook)
- {
- case XACE_RESOURCE_ACCESS:
- u.res.client = va_arg(ap, ClientPtr);
- u.res.id = va_arg(ap, XID);
- u.res.rtype = va_arg(ap, RESTYPE);
- u.res.res = va_arg(ap, pointer);
- u.res.ptype = va_arg(ap, RESTYPE);
- u.res.parent = va_arg(ap, pointer);
- u.res.access_mode = va_arg(ap, Mask);
- u.res.status = Success; /* default allow */
- prv = &u.res.status;
- break;
- case XACE_DEVICE_ACCESS:
- u.dev.client = va_arg(ap, ClientPtr);
- u.dev.dev = va_arg(ap, DeviceIntPtr);
- u.dev.access_mode = va_arg(ap, Mask);
- u.dev.status = Success; /* default allow */
- prv = &u.dev.status;
- break;
- case XACE_SEND_ACCESS:
- u.send.client = va_arg(ap, ClientPtr);
- u.send.dev = va_arg(ap, DeviceIntPtr);
- u.send.pWin = va_arg(ap, WindowPtr);
- u.send.events = va_arg(ap, xEventPtr);
- u.send.count = va_arg(ap, int);
- u.send.status = Success; /* default allow */
- prv = &u.send.status;
- break;
- case XACE_RECEIVE_ACCESS:
- u.recv.client = va_arg(ap, ClientPtr);
- u.recv.pWin = va_arg(ap, WindowPtr);
- u.recv.events = va_arg(ap, xEventPtr);
- u.recv.count = va_arg(ap, int);
- u.recv.status = Success; /* default allow */
- prv = &u.recv.status;
- break;
- case XACE_CLIENT_ACCESS:
- u.client.client = va_arg(ap, ClientPtr);
- u.client.target = va_arg(ap, ClientPtr);
- u.client.access_mode = va_arg(ap, Mask);
- u.client.status = Success; /* default allow */
- prv = &u.client.status;
- break;
- case XACE_EXT_ACCESS:
- u.ext.client = va_arg(ap, ClientPtr);
- u.ext.ext = va_arg(ap, ExtensionEntry*);
- u.ext.access_mode = DixGetAttrAccess;
- u.ext.status = Success; /* default allow */
- prv = &u.ext.status;
- break;
- case XACE_SERVER_ACCESS:
- u.server.client = va_arg(ap, ClientPtr);
- u.server.access_mode = va_arg(ap, Mask);
- u.server.status = Success; /* default allow */
- prv = &u.server.status;
- break;
- case XACE_SCREEN_ACCESS:
- case XACE_SCREENSAVER_ACCESS:
- u.screen.client = va_arg(ap, ClientPtr);
- u.screen.screen = va_arg(ap, ScreenPtr);
- u.screen.access_mode = va_arg(ap, Mask);
- u.screen.status = Success; /* default allow */
- prv = &u.screen.status;
- break;
- case XACE_AUTH_AVAIL:
- u.auth.client = va_arg(ap, ClientPtr);
- u.auth.authId = va_arg(ap, XID);
- break;
- case XACE_KEY_AVAIL:
- u.key.event = va_arg(ap, xEventPtr);
- u.key.keybd = va_arg(ap, DeviceIntPtr);
- u.key.count = va_arg(ap, int);
- break;
- default:
- va_end(ap);
- return 0; /* unimplemented hook number */
- }
- va_end(ap);
-
- /* call callbacks and return result, if any. */
- CallCallbacks(&XaceHooks[hook], &u);
- return prv ? *prv : Success;
-}
-
-/* XaceCensorImage
- *
- * Called after pScreen->GetImage to prevent pieces or trusted windows from
- * being returned in image data from an untrusted window.
- *
- * Arguments:
- * client is the client doing the GetImage.
- * pVisibleRegion is the visible region of the window.
- * widthBytesLine is the width in bytes of one horizontal line in pBuf.
- * pDraw is the source window.
- * x, y, w, h is the rectangle of image data from pDraw in pBuf.
- * format is the format of the image data in pBuf: ZPixmap or XYPixmap.
- * pBuf is the image data.
- *
- * Returns: nothing.
- *
- * Side Effects:
- * Any part of the rectangle (x, y, w, h) that is outside the visible
- * region of the window will be destroyed (overwritten) in pBuf.
- */
-void
-XaceCensorImage(
- ClientPtr client,
- RegionPtr pVisibleRegion,
- long widthBytesLine,
- DrawablePtr pDraw,
- int x, int y, int w, int h,
- unsigned int format,
- char *pBuf)
-{
- RegionRec imageRegion; /* region representing x,y,w,h */
- RegionRec censorRegion; /* region to obliterate */
- BoxRec imageBox;
- int nRects;
-
- imageBox.x1 = x;
- imageBox.y1 = y;
- imageBox.x2 = x + w;
- imageBox.y2 = y + h;
- RegionInit(&imageRegion, &imageBox, 1);
- RegionNull(&censorRegion);
-
- /* censorRegion = imageRegion - visibleRegion */
- RegionSubtract(&censorRegion, &imageRegion, pVisibleRegion);
- nRects = RegionNumRects(&censorRegion);
- if (nRects > 0)
- { /* we have something to censor */
- GCPtr pScratchGC = NULL;
- PixmapPtr pPix = NULL;
- xRectangle *pRects = NULL;
- Bool failed = FALSE;
- int depth = 1;
- int bitsPerPixel = 1;
- int i;
- BoxPtr pBox;
-
- /* convert region to list-of-rectangles for PolyFillRect */
-
- pRects = malloc(nRects * sizeof(xRectangle));
- if (!pRects)
- {
- failed = TRUE;
- goto failSafe;
- }
- for (pBox = RegionRects(&censorRegion), i = 0;
- i < nRects;
- i++, pBox++)
- {
- pRects[i].x = pBox->x1;
- pRects[i].y = pBox->y1 - imageBox.y1;
- pRects[i].width = pBox->x2 - pBox->x1;
- pRects[i].height = pBox->y2 - pBox->y1;
- }
-
- /* use pBuf as a fake pixmap */
-
- if (format == ZPixmap)
- {
- depth = pDraw->depth;
- bitsPerPixel = pDraw->bitsPerPixel;
- }
-
- pPix = GetScratchPixmapHeader(pDraw->pScreen, w, h,
- depth, bitsPerPixel,
- widthBytesLine, (pointer)pBuf);
- if (!pPix)
- {
- failed = TRUE;
- goto failSafe;
- }
-
- pScratchGC = GetScratchGC(depth, pPix->drawable.pScreen);
- if (!pScratchGC)
- {
- failed = TRUE;
- goto failSafe;
- }
-
- ValidateGC(&pPix->drawable, pScratchGC);
- (* pScratchGC->ops->PolyFillRect)(&pPix->drawable,
- pScratchGC, nRects, pRects);
-
- failSafe:
- if (failed)
- {
- /* Censoring was not completed above. To be safe, wipe out
- * all the image data so that nothing trusted gets out.
- */
- memset(pBuf, 0, (int)(widthBytesLine * h));
- }
- free(pRects);
- if (pScratchGC) FreeScratchGC(pScratchGC);
- if (pPix) FreeScratchPixmapHeader(pPix);
- }
- RegionUninit(&imageRegion);
- RegionUninit(&censorRegion);
-} /* XaceCensorImage */
-
-/*
- * Xtrans wrappers for use by modules
- */
-int XaceGetConnectionNumber(ClientPtr client)
-{
- XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
- return _XSERVTransGetConnectionNumber(ci);
-}
-
-int XaceIsLocal(ClientPtr client)
-{
- XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
- return _XSERVTransIsLocal(ci);
-}
+/************************************************************
+
+Author: Eamon Walsh <ewalsh@tycho.nsa.gov>
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+this permission notice appear in supporting documentation. This permission
+notice shall be included in all copies or substantial portions of the
+Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+********************************************************/
+
+#ifdef HAVE_DIX_CONFIG_H
+#include <dix-config.h>
+#else
+#define XACE
+#endif
+
+#include <stdarg.h>
+#include "scrnintstr.h"
+#include "extnsionst.h"
+#include "pixmapstr.h"
+#include "regionstr.h"
+#include "gcstruct.h"
+#include "xacestr.h"
+
+#define XSERV_t
+#define TRANS_SERVER
+#include <X11/Xtrans/Xtrans.h>
+#include "../os/osdep.h"
+
+_X_EXPORT CallbackListPtr XaceHooks[XACE_NUM_HOOKS] = {0};
+
+/* Special-cased hook functions. Called by Xserver.
+ */
+int XaceHookDispatch(ClientPtr client, int major)
+{
+ /* Call the audit begin callback, there is no return value. */
+ XaceAuditRec rec = { client, 0 };
+ CallCallbacks(&XaceHooks[XACE_AUDIT_BEGIN], &rec);
+
+ if (major < 128) {
+ /* Call the core dispatch hook */
+ XaceCoreDispatchRec rec = { client, Success /* default allow */ };
+ CallCallbacks(&XaceHooks[XACE_CORE_DISPATCH], &rec);
+ return rec.status;
+ } else {
+ /* Call the extension dispatch hook */
+ ExtensionEntry *ext = GetExtensionEntry(major);
+ XaceExtAccessRec rec = { client, ext, DixUseAccess, Success };
+ if (ext)
+ CallCallbacks(&XaceHooks[XACE_EXT_DISPATCH], &rec);
+ /* On error, pretend extension doesn't exist */
+ return (rec.status == Success) ? Success : BadRequest;
+ }
+}
+
+int XaceHookPropertyAccess(ClientPtr client, WindowPtr pWin,
+ PropertyPtr *ppProp, Mask access_mode)
+{
+ XacePropertyAccessRec rec = { client, pWin, ppProp, access_mode, Success };
+ CallCallbacks(&XaceHooks[XACE_PROPERTY_ACCESS], &rec);
+ return rec.status;
+}
+
+int XaceHookSelectionAccess(ClientPtr client,
+ Selection **ppSel, Mask access_mode)
+{
+ XaceSelectionAccessRec rec = { client, ppSel, access_mode, Success };
+ CallCallbacks(&XaceHooks[XACE_SELECTION_ACCESS], &rec);
+ return rec.status;
+}
+
+void XaceHookAuditEnd(ClientPtr ptr, int result)
+{
+ XaceAuditRec rec = { ptr, result };
+ /* call callbacks, there is no return value. */
+ CallCallbacks(&XaceHooks[XACE_AUDIT_END], &rec);
+}
+
+/* Entry point for hook functions. Called by Xserver.
+ */
+int XaceHook(int hook, ...)
+{
+ union {
+ XaceResourceAccessRec res;
+ XaceDeviceAccessRec dev;
+ XaceSendAccessRec send;
+ XaceReceiveAccessRec recv;
+ XaceClientAccessRec client;
+ XaceExtAccessRec ext;
+ XaceServerAccessRec server;
+ XaceScreenAccessRec screen;
+ XaceAuthAvailRec auth;
+ XaceKeyAvailRec key;
+ } u;
+ int *prv = NULL; /* points to return value from callback */
+ va_list ap; /* argument list */
+
+ if (!XaceHooks[hook])
+ return Success;
+
+ va_start(ap, hook);
+
+ /* Marshal arguments for passing to callback.
+ * Each callback has its own case, which sets up a structure to hold
+ * the arguments and integer return parameter, or in some cases just
+ * sets calldata directly to a single argument (with no return result)
+ */
+ switch (hook)
+ {
+ case XACE_RESOURCE_ACCESS:
+ u.res.client = va_arg(ap, ClientPtr);
+ u.res.id = va_arg(ap, XID);
+ u.res.rtype = va_arg(ap, RESTYPE);
+ u.res.res = va_arg(ap, pointer);
+ u.res.ptype = va_arg(ap, RESTYPE);
+ u.res.parent = va_arg(ap, pointer);
+ u.res.access_mode = va_arg(ap, Mask);
+ u.res.status = Success; /* default allow */
+ prv = &u.res.status;
+ break;
+ case XACE_DEVICE_ACCESS:
+ u.dev.client = va_arg(ap, ClientPtr);
+ u.dev.dev = va_arg(ap, DeviceIntPtr);
+ u.dev.access_mode = va_arg(ap, Mask);
+ u.dev.status = Success; /* default allow */
+ prv = &u.dev.status;
+ break;
+ case XACE_SEND_ACCESS:
+ u.send.client = va_arg(ap, ClientPtr);
+ u.send.dev = va_arg(ap, DeviceIntPtr);
+ u.send.pWin = va_arg(ap, WindowPtr);
+ u.send.events = va_arg(ap, xEventPtr);
+ u.send.count = va_arg(ap, int);
+ u.send.status = Success; /* default allow */
+ prv = &u.send.status;
+ break;
+ case XACE_RECEIVE_ACCESS:
+ u.recv.client = va_arg(ap, ClientPtr);
+ u.recv.pWin = va_arg(ap, WindowPtr);
+ u.recv.events = va_arg(ap, xEventPtr);
+ u.recv.count = va_arg(ap, int);
+ u.recv.status = Success; /* default allow */
+ prv = &u.recv.status;
+ break;
+ case XACE_CLIENT_ACCESS:
+ u.client.client = va_arg(ap, ClientPtr);
+ u.client.target = va_arg(ap, ClientPtr);
+ u.client.access_mode = va_arg(ap, Mask);
+ u.client.status = Success; /* default allow */
+ prv = &u.client.status;
+ break;
+ case XACE_EXT_ACCESS:
+ u.ext.client = va_arg(ap, ClientPtr);
+ u.ext.ext = va_arg(ap, ExtensionEntry*);
+ u.ext.access_mode = DixGetAttrAccess;
+ u.ext.status = Success; /* default allow */
+ prv = &u.ext.status;
+ break;
+ case XACE_SERVER_ACCESS:
+ u.server.client = va_arg(ap, ClientPtr);
+ u.server.access_mode = va_arg(ap, Mask);
+ u.server.status = Success; /* default allow */
+ prv = &u.server.status;
+ break;
+ case XACE_SCREEN_ACCESS:
+ case XACE_SCREENSAVER_ACCESS:
+ u.screen.client = va_arg(ap, ClientPtr);
+ u.screen.screen = va_arg(ap, ScreenPtr);
+ u.screen.access_mode = va_arg(ap, Mask);
+ u.screen.status = Success; /* default allow */
+ prv = &u.screen.status;
+ break;
+ case XACE_AUTH_AVAIL:
+ u.auth.client = va_arg(ap, ClientPtr);
+ u.auth.authId = va_arg(ap, XID);
+ break;
+ case XACE_KEY_AVAIL:
+ u.key.event = va_arg(ap, xEventPtr);
+ u.key.keybd = va_arg(ap, DeviceIntPtr);
+ u.key.count = va_arg(ap, int);
+ break;
+ default:
+ va_end(ap);
+ return 0; /* unimplemented hook number */
+ }
+ va_end(ap);
+
+ /* call callbacks and return result, if any. */
+ CallCallbacks(&XaceHooks[hook], &u);
+ return prv ? *prv : Success;
+}
+
+/* XaceCensorImage
+ *
+ * Called after pScreen->GetImage to prevent pieces or trusted windows from
+ * being returned in image data from an untrusted window.
+ *
+ * Arguments:
+ * client is the client doing the GetImage.
+ * pVisibleRegion is the visible region of the window.
+ * widthBytesLine is the width in bytes of one horizontal line in pBuf.
+ * pDraw is the source window.
+ * x, y, w, h is the rectangle of image data from pDraw in pBuf.
+ * format is the format of the image data in pBuf: ZPixmap or XYPixmap.
+ * pBuf is the image data.
+ *
+ * Returns: nothing.
+ *
+ * Side Effects:
+ * Any part of the rectangle (x, y, w, h) that is outside the visible
+ * region of the window will be destroyed (overwritten) in pBuf.
+ */
+void
+XaceCensorImage(
+ ClientPtr client,
+ RegionPtr pVisibleRegion,
+ long widthBytesLine,
+ DrawablePtr pDraw,
+ int x, int y, int w, int h,
+ unsigned int format,
+ char *pBuf)
+{
+ RegionRec imageRegion; /* region representing x,y,w,h */
+ RegionRec censorRegion; /* region to obliterate */
+ BoxRec imageBox;
+ int nRects;
+
+ imageBox.x1 = x;
+ imageBox.y1 = y;
+ imageBox.x2 = x + w;
+ imageBox.y2 = y + h;
+ RegionInit(&imageRegion, &imageBox, 1);
+ RegionNull(&censorRegion);
+
+ /* censorRegion = imageRegion - visibleRegion */
+ RegionSubtract(&censorRegion, &imageRegion, pVisibleRegion);
+ nRects = RegionNumRects(&censorRegion);
+ if (nRects > 0)
+ { /* we have something to censor */
+ GCPtr pScratchGC = NULL;
+ PixmapPtr pPix = NULL;
+ xRectangle *pRects = NULL;
+ Bool failed = FALSE;
+ int depth = 1;
+ int bitsPerPixel = 1;
+ int i;
+ BoxPtr pBox;
+
+ /* convert region to list-of-rectangles for PolyFillRect */
+
+ pRects = malloc(nRects * sizeof(xRectangle));
+ if (!pRects)
+ {
+ failed = TRUE;
+ goto failSafe;
+ }
+ for (pBox = RegionRects(&censorRegion), i = 0;
+ i < nRects;
+ i++, pBox++)
+ {
+ pRects[i].x = pBox->x1;
+ pRects[i].y = pBox->y1 - imageBox.y1;
+ pRects[i].width = pBox->x2 - pBox->x1;
+ pRects[i].height = pBox->y2 - pBox->y1;
+ }
+
+ /* use pBuf as a fake pixmap */
+
+ if (format == ZPixmap)
+ {
+ depth = pDraw->depth;
+ bitsPerPixel = pDraw->bitsPerPixel;
+ }
+
+ pPix = GetScratchPixmapHeader(pDraw->pScreen, w, h,
+ depth, bitsPerPixel,
+ widthBytesLine, (pointer)pBuf);
+ if (!pPix)
+ {
+ failed = TRUE;
+ goto failSafe;
+ }
+
+ pScratchGC = GetScratchGC(depth, pPix->drawable.pScreen);
+ if (!pScratchGC)
+ {
+ failed = TRUE;
+ goto failSafe;
+ }
+
+ ValidateGC(&pPix->drawable, pScratchGC);
+ (* pScratchGC->ops->PolyFillRect)(&pPix->drawable,
+ pScratchGC, nRects, pRects);
+
+ failSafe:
+ if (failed)
+ {
+ /* Censoring was not completed above. To be safe, wipe out
+ * all the image data so that nothing trusted gets out.
+ */
+ memset(pBuf, 0, (int)(widthBytesLine * h));
+ }
+ free(pRects);
+ if (pScratchGC) FreeScratchGC(pScratchGC);
+ if (pPix) FreeScratchPixmapHeader(pPix);
+ }
+ RegionUninit(&imageRegion);
+ RegionUninit(&censorRegion);
+} /* XaceCensorImage */
+
+/*
+ * Xtrans wrappers for use by modules
+ */
+int XaceGetConnectionNumber(ClientPtr client)
+{
+ XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
+ return _XSERVTransGetConnectionNumber(ci);
+}
+
+int XaceIsLocal(ClientPtr client)
+{
+ XtransConnInfo ci = ((OsCommPtr)client->osPrivate)->trans_conn;
+ return _XSERVTransIsLocal(ci);
+}