Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[xsrc/trunk]: xsrc/external/mit/libX11/dist initial import of libX11-1.6.6
details: https://anonhg.NetBSD.org/xsrc/rev/96bbecf640f2
branches: trunk
changeset: 9983:96bbecf640f2
user: mrg <mrg%NetBSD.org@localhost>
date: Tue Aug 28 05:50:41 2018 +0000
description:
initial import of libX11-1.6.6
diffstat:
external/mit/libX11/dist/ChangeLog | 459 ++++++++++
external/mit/libX11/dist/Makefile.in | 1 +
external/mit/libX11/dist/aclocal.m4 | 235 +++-
external/mit/libX11/dist/config.guess | 124 +-
external/mit/libX11/dist/config.sub | 42 +-
external/mit/libX11/dist/configure | 91 +-
external/mit/libX11/dist/configure.ac | 4 +-
external/mit/libX11/dist/include/Makefile.in | 1 +
external/mit/libX11/dist/install-sh | 23 +-
external/mit/libX11/dist/ltmain.sh | 37 +-
external/mit/libX11/dist/man/Makefile.in | 1 +
external/mit/libX11/dist/man/xkb/Makefile.am | 2 +
external/mit/libX11/dist/man/xkb/Makefile.in | 3 +
external/mit/libX11/dist/man/xkb/XkbChangeControls.man | 111 +-
external/mit/libX11/dist/man/xkb/XkbGetNamedDeviceIndicator.man | 1 +
external/mit/libX11/dist/man/xkb/XkbGetNamedIndicator.man | 58 +-
external/mit/libX11/dist/man/xkb/XkbKeyNumGroups.man | 54 +-
external/mit/libX11/dist/man/xkb/XkbOpenDisplay.man | 2 +-
external/mit/libX11/dist/man/xkb/XkbSetNamedDeviceIndicator.man | 1 +
external/mit/libX11/dist/man/xkb/XkbSetNamedIndicator.man | 88 +-
external/mit/libX11/dist/modules/Makefile.in | 1 +
external/mit/libX11/dist/modules/im/Makefile.in | 1 +
external/mit/libX11/dist/modules/im/ximcp/Makefile.in | 1 +
external/mit/libX11/dist/modules/im/ximcp/imCallbk.c | 6 +-
external/mit/libX11/dist/modules/im/ximcp/imDefIc.c | 57 +-
external/mit/libX11/dist/modules/im/ximcp/imInsClbk.c | 2 +-
external/mit/libX11/dist/modules/im/ximcp/imLcIm.c | 8 +-
external/mit/libX11/dist/modules/lc/Makefile.in | 1 +
external/mit/libX11/dist/modules/lc/Utf8/Makefile.in | 1 +
external/mit/libX11/dist/modules/lc/def/Makefile.in | 1 +
external/mit/libX11/dist/modules/lc/gen/Makefile.in | 1 +
external/mit/libX11/dist/modules/om/Makefile.in | 1 +
external/mit/libX11/dist/modules/om/generic/Makefile.in | 1 +
external/mit/libX11/dist/modules/om/generic/omGeneric.c | 32 +-
external/mit/libX11/dist/nls/Makefile.in | 1 +
external/mit/libX11/dist/specs/Makefile.in | 1 +
external/mit/libX11/dist/specs/XIM/Makefile.in | 1 +
external/mit/libX11/dist/specs/XKB/Makefile.in | 1 +
external/mit/libX11/dist/specs/XKB/ch08.xml | 302 ++++++-
external/mit/libX11/dist/specs/i18n/Makefile.in | 1 +
external/mit/libX11/dist/specs/i18n/compose/Makefile.in | 1 +
external/mit/libX11/dist/specs/i18n/framework/Makefile.in | 1 +
external/mit/libX11/dist/specs/i18n/localedb/Makefile.in | 1 +
external/mit/libX11/dist/specs/i18n/trans/Makefile.in | 1 +
external/mit/libX11/dist/specs/libX11/Makefile.in | 1 +
external/mit/libX11/dist/src/DisName.c | 2 +-
external/mit/libX11/dist/src/FSWrap.c | 2 +-
external/mit/libX11/dist/src/GetIFocus.c | 2 +-
external/mit/libX11/dist/src/GetImage.c | 16 +-
external/mit/libX11/dist/src/GetKCnt.c | 2 +-
external/mit/libX11/dist/src/GetPCnt.c | 2 +-
external/mit/libX11/dist/src/GetPntMap.c | 2 +-
external/mit/libX11/dist/src/GetSSaver.c | 2 +-
external/mit/libX11/dist/src/GrServer.c | 2 +-
external/mit/libX11/dist/src/LiHosts.c | 21 +-
external/mit/libX11/dist/src/Macros.c | 2 +-
external/mit/libX11/dist/src/Makefile.am | 4 +-
external/mit/libX11/dist/src/Makefile.in | 5 +-
external/mit/libX11/dist/src/QuKeybd.c | 2 +-
external/mit/libX11/dist/src/ReconfWM.c | 2 +-
external/mit/libX11/dist/src/SetHints.c | 4 +-
external/mit/libX11/dist/src/StColor.c | 1 +
external/mit/libX11/dist/src/StColors.c | 1 +
external/mit/libX11/dist/src/StrKeysym.c | 10 +-
external/mit/libX11/dist/src/Sync.c | 2 +-
external/mit/libX11/dist/src/UngrabSvr.c | 2 +-
external/mit/libX11/dist/src/util/Makefile.in | 1 +
external/mit/libX11/dist/src/xcb_io.c | 3 -
external/mit/libX11/dist/src/xcms/Makefile.in | 1 +
external/mit/libX11/dist/src/xcms/cmsCmap.c | 2 +-
external/mit/libX11/dist/src/xcms/cmsProp.c | 1 +
external/mit/libX11/dist/src/xkb/Makefile.in | 1 +
external/mit/libX11/dist/src/xkb/XKBAlloc.c | 8 +-
external/mit/libX11/dist/src/xkb/XKBExtDev.c | 2 +-
external/mit/libX11/dist/src/xlibi18n/Makefile.in | 1 +
external/mit/libX11/dist/src/xlibi18n/lcCT.c | 10 +-
external/mit/libX11/dist/src/xlibi18n/lcDB.c | 2 +-
external/mit/libX11/dist/src/xlibi18n/lcGeneric.c | 75 +-
external/mit/libX11/dist/src/xlibi18n/lcPublic.c | 1 +
79 files changed, 1428 insertions(+), 532 deletions(-)
diffs (truncated from 3934 to 300 lines):
diff -r f0949d6110a9 -r 96bbecf640f2 external/mit/libX11/dist/ChangeLog
--- a/external/mit/libX11/dist/ChangeLog Thu Jul 26 21:29:16 2018 +0000
+++ b/external/mit/libX11/dist/ChangeLog Tue Aug 28 05:50:41 2018 +0000
@@ -1,3 +1,462 @@
+commit 733f64bfeb311c1d040b2f751bfdef9c9d0f89ef
+Author: Matthieu Herrb <matthieu%herrb.eu@localhost>
+Date: Tue Aug 21 16:54:50 2018 +0200
+
+ libX11 1.6.6
+
+ Signed-off-by: Matthieu Herrb <matthieu%herrb.eu@localhost>
+
+commit 173704243fbcbea0b6de2068b4fb403c7408fb54
+Author: Matthieu Herrb <matthieu%herrb.eu@localhost>
+Date: Tue Aug 21 16:53:40 2018 +0200
+
+ Remove statement with no effect.
+
+ Signed-off-by: Matthieu Herrb <matthieu%herrb.eu@localhost>
+
+commit e83722768fd5c467ef61fa159e8c6278770b45c2
+Author: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+Date: Fri Jul 27 16:38:00 2018 +0200
+
+ Fixed crash on invalid reply (CVE-2018-14598).
+
+ If the server sends a reply in which even the first string would
+ overflow the transmitted bytes, list[0] (or flist[0]) will be set to
+ NULL and a count of 0 is returned.
+
+ If the resulting list is freed with XFreeExtensionList or
+ XFreeFontPath later on, the first Xfree call:
+
+ Xfree (list[0]-1)
+ turns into
+ Xfree (NULL-1)
+
+ which will most likely trigger a segmentation fault.
+
+ I have modified the code to return NULL if the first string would
+ overflow, thus protecting the freeing functions later on.
+
+ Signed-off-by: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+
+commit dbf72805fd9d7b1846fe9a11b46f3994bfc27fea
+Author: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+Date: Fri Jul 27 16:37:17 2018 +0200
+
+ Fixed out of boundary write (CVE-2018-14600).
+
+ The length value is interpreted as signed char on many systems
+ (depending on default signedness of char), which can lead to an out of
+ boundary write up to 128 bytes in front of the allocated storage, but
+ limited to NUL byte(s).
+
+ Casting the length value to unsigned char fixes the problem and allows
+ string values with up to 255 characters.
+
+ Signed-off-by: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+
+commit b469da1430cdcee06e31c6251b83aede072a1ff0
+Author: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+Date: Fri Jul 27 16:36:34 2018 +0200
+
+ Fixed off-by-one writes (CVE-2018-14599).
+
+ The functions XGetFontPath, XListExtensions, and XListFonts are
+ vulnerable to an off-by-one override on malicious server responses.
+
+ The server replies consist of chunks consisting of a length byte
+ followed by actual string, which is not NUL-terminated.
+
+ While parsing the response, the length byte is overridden with '\0',
+ thus the memory area can be used as storage of C strings later on. To
+ be able to NUL-terminate the last string, the buffer is reserved with
+ an additional byte of space.
+
+ For a boundary check, the variable chend (end of ch) was introduced,
+ pointing at the end of the buffer which ch initially points to.
+ Unfortunately there is a difference in handling "the end of ch".
+
+ While chend points at the first byte that must not be written to,
+ the for-loop uses chend as the last byte that can be written to.
+
+ Therefore, an off-by-one can occur.
+
+ I have refactored the code so chend actually points to the last byte
+ that can be written to without an out of boundary access. As it is not
+ possible to achieve "ch + length < chend" and "ch + length + 1 > chend"
+ with the corrected chend meaning, I removed the inner if-check.
+
+ Signed-off-by: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+
+commit d81da209fd4d0c2c9ad0596a8078e58864479d0d
+Author: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+Date: Tue Jul 3 22:31:37 2018 +0200
+
+ Validation of server response in XListHosts.
+
+ If a server sends an incorrect length in its response, a client is prone
+ to perform an out of boundary read while processing the data.
+
+ The length field of xHostEntry is used to specify the amount of bytes
+ used to represent the address. It is 16 bit, which means that it is not
+ possible to perform an arbitrary memory access, but it might be enough
+ to read sensitive information, e.g. malloc-related pointers and offsets.
+
+ Signed-off-by: Tobias Stoeckmann <tobias%stoeckmann.org@localhost>
+ Reviewed-by: Matthieu Herrb <matthieu%herrb.eu@localhost>
+
+commit b676e62377483df77bcb6472d26b24f901323fa9
+Author: Samuel Thibault <samuel.thibault%ens-lyon.org@localhost>
+Date: Wed Jun 13 15:46:58 2018 +0200
+
+ XkbOpenDisplay.3: fix typo
+
+ XkbOpenDisplay returns a pointer to Display, not a Display.
+
+ Signed-off-by: Samuel Thibault <samuel.thibault%ens-lyon.org@localhost>
+
+commit 9c5845ff0dc080ff10bd68af4fc40fcd805728ca
+Author: Martin Natano <natano%natano.net@localhost>
+Date: Sat Oct 8 19:57:50 2016 +0200
+
+ Don't rebuild ks_tables.h if nothing changed.
+
+ ks_tables.h is always considered out of date due to the forced rebuild
+ of the makekeys util. This means the file is also rebuilt during 'make
+ install', which is usually performed as root, which can to lead
+ permission problems later on.
+
+ Signed-off-by: Martin Natano <natano%natano.net@localhost>
+ Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+
+commit 796f754cba6d75b676a0fc39b97802198fceda4f
+Author: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+Date: Sat May 5 14:43:30 2018 -0700
+
+ Change fall through comment in lcDB.c to match gcc's requirements
+
+ Needs to match one of the regexps shown under
+ https://gcc.gnu.org/onlinedocs/gcc-7.3.0/gcc/Warning-Options.html#index-Wimplicit-fallthrough
+
+ Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+
+commit 82ca6308757126fa7ffc6588f1e5d8e3be04251b
+Author: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+Date: Sat Mar 24 19:45:14 2018 -0700
+
+ Use size_t for buffer sizes in SetHints.c
+
+ These variables store values returned from strlen() as a size_t
+ and are passed to Xmalloc, which expects a size_t, so lets stop
+ converting back and forth to int along the way.
+
+ Reported by: Konstantin SKliarov
+ Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+ Reviewed-by: Matthieu Herrb <matthieu%herrb.eu@localhost>
+
+commit 50a5a98984097d614227d22a49265e12b172cac7
+Author: Bhavi Dhingra <b.dhingra%samsung.com@localhost>
+Date: Tue Jul 5 11:37:50 2016 +0530
+
+ Fix possible memory leak in cmsProp.c:140
+
+ https://bugs.freedesktop.org/show_bug.cgi?id=96814
+
+ Reviewed-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+ Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+
+commit a9dafdd57c71473fa3a2ec4887e973e4e9876d83
+Author: Michal Srb <msrb%suse.com@localhost>
+Date: Thu Mar 15 09:50:58 2018 +0100
+
+ Use flexible array member instead of fake size.
+
+ The _XimCacheStruct structure is followed in memory by two strings containing
+ fname and encoding. The memory was accessed using the last member of the
+ structure `char fname[1]`. That is a lie, prohibits us from using sizeof and
+ confuses checkers. Lets declare it properly as a flexible array, so compilers
+ don't complain about writing past that array. As bonus we can replace the
+ XOffsetOf with regular sizeof.
+
+ Fixes GCC8 error:
+ In function 'strcpy',
+ inlined from '_XimWriteCachedDefaultTree' at imLcIm.c:479:5,
+ inlined from '_XimCreateDefaultTree' at imLcIm.c:616:2,
+ inlined from '_XimLocalOpenIM' at imLcIm.c:700:5:
+ /usr/include/bits/string_fortified.h:90:10: error: '__builtin_strcpy'
+ forming offset 2 is out of the bounds [0, 1] [-Werror=array-bounds]
+ return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
+
+ Caused by this line seemingly writing past the fname[1] array:
+ imLcIm.c:479: strcpy (m->fname+strlen(name)+1, encoding);
+
+ Reviewed-by: Keith Packard <keithp%keithp.com@localhost>
+ Signed-off-by: Peter Hutterer <peter.hutterer%who-t.net@localhost>
+
+commit 34f4464f69a4d6ff0d1042500a62f9a5ed7f3647
+Author: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+Date: Tue Mar 6 11:42:27 2018 -0800
+
+ If XGetImage fails to create image, don't dereference it to bounds check
+
+ Reported by gcc 7.3:
+
+ GetImage.c:110:25: warning: potential null pointer dereference [-Wnull-dereference]
+ if (planes < 1 || image->height < 1 || image->bytes_per_line < 1 ||
+ ~~~~~^~~~~~~~
+
+ Introduced by 8ea762f94f4c942d898fdeb590a1630c83235c17 in Xlib 1.6.4
+
+ Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
+ Reviewed-by: Emil Velikov <emil.velikov%collabora.com@localhost>
+
+commit e835a9dcc3362b5e92893be756dd7ae361e64ced
+Author: wharms <wharms%bfs.de@localhost>
+Date: Sun Sep 3 14:17:45 2017 +0200
+
+ silence gcc warning assignment discards 'const' qualifier from pointer target type
+
+commit 36a1ac0253fea82ff79cc52ba56c5691cfd07a3b
+Author: wharms <wharms%bfs.de@localhost>
+Date: Sun Aug 20 21:51:57 2017 +0200
+
+ remove empty line
+
+commit e02dfe54f32b4165351d2712a9d2e0584906a3ce
+Author: wharms <wharms%bfs.de@localhost>
+Date: Sun Aug 20 21:50:33 2017 +0200
+
+ add _X_UNUSED to avoid unused variable warnings
+
+commit 2911c39cecd63ed3747072a5eeeb9eedffc881e9
+Author: walter harms <wharms%bfs.de@localhost>
+Date: Sat Jun 4 17:19:59 2016 +0200
+
+ Fixes: warning: variable 'req' set but not,used
+
+ Fixes: warning: variable 'req' set but not used [-Wunused-but-set-variable]
+ by marking req _X_UNUSED
+ Solution was discussed on xorg-devel ML
+ Peter Hutter, Alan Coopersmith
+ Re: [PATCH libX11 3/5] fix: warning: pointer targets in passing argument 2 of '_XSend' differ in signedness [-Wpointer-sign]
+
+ Signed-off-by: harms wharms%bfs.de@localhost
+
+commit bf82ec0402479fd8399d69e7d62fc17d7956699a
+Author: walter harms <wharms%bfs.de@localhost>
+Date: Sat Jun 4 17:22:07 2016 +0200
+
+ mark _XDefaultIOError as no_return
+
+ mark _XDefaultIOError as no_return. No one comes back from exit() ...
+
+ Signed-off-by: harms wharms%bfs.de@localhost
+
+commit 9abe8380074edea3ac4e72466ec47e921ca05e47
+Author: walter harms <wharms%bfs.de@localhost>
+Date: Sat Jun 4 17:21:52 2016 +0200
+
+ no need to check XFree arguments
+
+ You can save a bit of code. The is no need to check XFree arguments bring free_fontdataOM in line with other free function and check for NULL arg
+
+ Signed-off-by: harms wharms%bfs.de@localhost
+
+commit 433477fcb7e07d0c26a22ba78aae88827ed1f440
+Author: walter harms <wharms%bfs.de@localhost>
+Date: Tue Apr 26 16:32:20 2016 +0200
+
+ fix memleak in error path
+
+ free all mem on error
+ Signed-off-by: walter harms <wharms%bfs.de@localhost>
+
+commit ed9f0d34abc645eee56e21863f23acb4d0bb8e9a
+Author: walter harms <wharms%bfs.de@localhost>
+Date: Tue Apr 26 17:58:16 2016 +0200
+
+ fix memleak in error path
+
+ V2: remove unneeded NULL (reported by eric.engestrom%imgtec.com@localhost)
+
+ fix mem leak in error path
+ Signed-off-by: walter harms <wharms%bfs.de@localhost>
+
+commit 7c78fc57693afa94cf26170f0f6276e3b7374ed0
+Author: walter harms <wharms%bfs.de@localhost>
+Date: Tue Apr 26 16:34:11 2016 +0200
+
+ no need to check args for Xfree()
+
+ simplify code
+
+ Signed-off-by: walter harms <wharms%bfs.de@localhost>
+
+commit c1c14af441ae73d1a8e67a971fafcf967e45ac48
+Author: walter harms <wharms%bfs.de@localhost>
+Date: Tue Apr 26 16:23:46 2016 +0200
Home |
Main Index |
Thread Index |
Old Index