summaryrefslogtreecommitdiff
path: root/xhost.c
AgeCommit message (Collapse)Author
2024-07-12Replace inet_addr()/inet_aton() with a call to inet_pton()HEADmasterPeter Hutterer
We unconditionally require inet_pton() for our IPv6 check so let's use the same call for the IPv4 check too. This removes the need for inet_aton() which is labelled as deprecated because it doesn't support IPv6. Part-of: <https://gitlab.freedesktop.org/xorg/app/xhost/-/merge_requests/8>
2024-05-02user2netname expects a MAXNETNAMELEN + 1 buffer, so give it oneAlan Coopersmith
Found by gcc 13.2 on Solaris 11.4: xhost.c: In function ‘change_host’: xhost.c:522:18: warning: ‘user2netname’ accessing 256 bytes in a region of size 255 [-Wstringop-overflow=] 522 | if (!user2netname(username, pwd->pw_uid, domainname)) { | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ xhost.c:522:18: note: referencing argument 1 of type ‘char[256]’ In file included from /usr/include/rpc/rpc.h:35, from xhost.c:98: /usr/include/rpc/auth.h:316:12: note: in a call to function ‘user2netname’ 316 | extern int user2netname(char [MAXNETNAMELEN + 1], const uid_t, const char *); | ^~~~~~~~~~~~ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Part-of: <https://gitlab.freedesktop.org/xorg/app/xhost/-/merge_requests/7>
2022-12-03Simplify i18n of 'unable to get ... address for ...' error messageAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2022-11-07Use gettext() to localize messages if availableAlan Coopersmith
Originally fixed for Solaris in May 2000 by Steve Swales under Sun bug 4256527 "xhost messages not internationalized" Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2022-11-07Recognize raw IPv6 numeric addressAlan Coopersmith
Originally fixed for Solaris in Oct. 2002 under Sun bug 4759889 "xhost does not accept raw IPv6 numeric address" Before this fix: % xhost +2001:DB8::11 xhost: unknown address family "2001" xhost: bad hostname "2001:DB8::11" After this fix: % xhost +2001:DB8::11 2001:DB8::11 being added to access control list Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2018-11-12Drop ancient workarounds for Cray that are no longer neededAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2018-11-12Prefer inet_aton, if available, over inet_addrAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2018-07-16Prevent OOB access on illegal server response.Tobias Stoeckmann
While parsing Xorg responses it is possible to trigger an out of boundary read if the response does not contain enough bytes. In case of IPv4, the padding normally prevents this, but IPv6 addresses can trigger an out of boundary read. It takes a hostile xorg-server to reproduce this issue. If os/access.c is adjusted to always use a length of 1, it is possible to reproduce it and make it visible with an ASAN-compiled xhost. Reading past the memory boundary could reveal sensitive information to external DNS servers, because a lookup will be performed. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
2015-05-07Move sethostent()/gethostent() stubs used in Windows builds to avoid ↵Jon TURNEY
implicit-function-declaration warnings Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: David Macek <david.macek.0@gmail.com>
2013-06-14Fix const warning for FamilyLocalHost empty address stringAlan Coopersmith
xhost.c: In function ‘change_host’: xhost.c:452:13: warning: assignment discards ‘const’ qualifier from pointer target type [enabled by default] Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-03-02Mark argument to nameserver_lost signal handler as unusedAlan Coopersmith
Quiets clang warning: xhost.c:812:21: warning: unused parameter 'sig' [-Wunused-parameter] nameserver_lost(int sig) ^ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-03-02If SIGALRM isn't available, don't use alarm() to timeout gethostaddr(), just ↵Jon TURNEY
wait Win32 has neither SIGALRM nor sigaction(), so don't use SIGALRM to timeout gethostaddr(), just wait Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk> Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
2013-02-28Drop pre-POSIX signal handling support in favor of sigaction()Alan Coopersmith
X_NOT_POSIX has never been defined by our autoconf scripts, only for a few platforms in <X11/Xosdefs.h>, of which MinGW seems to be the most relevant today, and since that doesn't have alarm() it doesn't need this code either. First pass was done with 'unifdef -UX_NOT_POSIX', followed by manual tweaking to adjust indent levels, etc. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Jon TURNEY <jon.turney@dronecode.org.uk>
2013-02-24Provide dummy sethostent(),endhostent() for Win32 alsoJon TURNEY
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk> Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
2013-02-24Use Xwinsock.h on WIN32Jon TURNEY
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk> Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
2013-02-23Fix some integer sign/size conversion warnings flagged by clangAlan Coopersmith
xhost.c:154:19: warning: comparison of integers of different signs: 'int' and 'unsigned long' [-Wsign-compare] for (i = 0; i < FAMILIES; i++) ~ ^ ~~~~~~~~ xhost.c:310:15: warning: implicit conversion loses integer precision: 'size_t' (aka 'unsigned long') to 'int' [-Wshorten-64-to-32] namelen = strlen(name); ~ ^~~~~~~~~~~~ xhost.c:311:40: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion] if ((lname = (char *)malloc(namelen+1)) == NULL) { ~~~~~~ ~~~~~~~^~ xhost.c:707:46: warning: implicit conversion changes signedness: 'int' to 'socklen_t' (aka 'unsigned int') [-Wsign-conversion] getnameinfo((struct sockaddr *) &saddr, saddrlen, inetname, ~~~~~~~~~~~ ^~~~~~~~ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-02-23Convert sprintf to snprintf in SECURE_RPC codeAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-02-23Move dpy declaration from static to main() functionAlan Coopersmith
Fixes gcc warnings: xhost.c:290: warning: declaration of 'dpy' shadows a global declaration xhost.c:160: warning: shadowed declaration is here xhost.c:839: warning: declaration of 'dpy' shadows a global declaration xhost.c:160: warning: shadowed declaration is here Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-02-23Assume signal handlers return void, as C89 requiresAlan Coopersmith
Drops use of autoconf's obsolete AC_TYPE_SIGNAL and the even more obsolete Imake SIGNALRETURNSINT. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-02-23unifdef -UBAD_ARPAINETAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-02-23unifdef -UattAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-02-23unifdef -ULynxAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-02-23unifdef -UCRAYAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2012-12-26Remove unused TLI ("STREAMSCONN") code from xhostAlan Coopersmith
Has never been converted to build in modular builds, so has been unusable since X11R7.0 release in 2005. All known platforms with TLI/XTI support that X11R7 & later releases run on also have (and mostly prefer) BSD socket support for their networking API. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2012-12-26Remove unused DECnet ("DNETCONN") code from xhostAlan Coopersmith
Has never been converted to build in modular builds, so has been unusable since X11R7.0 release in 2005. DNETCONN support was removed from xtrans back in 2008. Performed via "unifdef -UDNETCONN". Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2012-03-08Rework si:type:value code to remove need for shadowed namelen variableAlan Coopersmith
Fixes gcc warning: xhost.c:453:6: warning: declaration of ‘namelen’ shadows a previous local xhost.c:339:9: warning: shadowed declaration is here Also removes unnecessary malloc and memcpy by just using the string pointers we already have, since XAddHost & XRemoveHost will copy the specified length of text from the strings to the Xlib request buffer before returning, not relying on nil termination. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2011-09-25Declare some char * as const to fix gcc -Wwrite-strings warningsAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Julien Cristau <jcristau@debian.org> Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
2011-07-28Move "-help" handling up to before XOpenDisplayJulien Cristau
We don't need a display to show the usage message. X.Org bug#39633 <https://bugs.freedesktop.org/show_bug.cgi?id=39633> Signed-off-by: Julien Cristau <jcristau@debian.org>
2011-07-19xhost: check return value of X{Add,Remove}HostKees Cook
In the ServerInterpreted case, XAddHost and XRemoveHost are capable of failing when they lack request buffer memory. Notice this situation, and report correctly. Signed-off-by: Kees Cook <kees.cook@canonical.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Julien Cristau <jcristau@debian.org>
2010-10-30Sun's copyrights now belong to OracleAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2010-10-06Purge cvs tags.Jesse Adkins
Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com>
2010-01-14Update Sun license notices to current X.Org standard formAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
2009-01-21Correct make distcheck and sparse warnings.Paulo Cesar Pereira de Andrade
2006-04-15Coverity #610, #611: Various minor memory leaks. Bump to 1.0.1.xhost-1_0_1XORG-7_1Adam Jackson
2005-06-18Autotooling: Add #include "config.h" & use RETSIGTYPE if defined.XORG-6_8_99_903XORG-6_8_99_902XORG-6_8_99_901XORG-6_8_99_900XORG-6_8_99_16XORG-6_8_99_15XORG-6_8_99_14XORG-6_8_99_13XORG-6_8_99_12Alan Coopersmith
cvs: ----------------------------------------------------------------------
2004-07-27- remove remaining AMOEBA references.xprint_packagertest_20041217_basexprint_packagertest_20041125_basesco_port_update-baserel-0-6-1lg3d-rel-0-7-0lg3d-rel-0-6-2lg3d-baseXORG-6_8_99_9XORG-6_8_99_8XORG-6_8_99_7XORG-6_8_99_6XORG-6_8_99_5XORG-6_8_99_4XORG-6_8_99_3XORG-6_8_99_2XORG-6_8_99_11XORG-6_8_99_10XORG-6_8_99_1XORG-6_8_2XORG-6_8_1_904XORG-6_8_1_903XORG-6_8_1_902XORG-6_8_1_901XORG-6_8_1XORG-6_8_0XORG-6_7_99_904XORG-6_7_99_903XORG-6_7_99_902XORG-6_7_99_901XORG-6_7_99_2XORG-6_7_99_1xprint_packagertest_20041217xprint_packagertest_20041125sco_port_updatelg3d-masterlg3d-eventlg3d-dev-0-7-1lg3d-dev-0-7-0lg3d-dev-0-6-latestlg3d-dev-0-6-2lg3d-dev-0-6-1-latestlg3d-dev-0-6-1-currentlg3d-dev-0-6-1-1lg3d-dev-0-6-1lg3dXORG-6_8-branchCOMPOSITEWRAPMatthieu Herrb
- remove unused file.
2004-04-23Merging XORG-CURRENT into trunkXACE-SELINUX-MERGEEgbert Eich
2004-03-14Importing vendor version xf86-4_4_99_1 on Sun Mar 14 00:26:39 PST 2004xf86-4_4_99_1Egbert Eich
2004-03-03Importing vendor version xf86-4_4_0 on Wed Mar 3 04:09:24 PST 2004xf86-4_4_0STSF-CURRENTEgbert Eich
2004-02-26readding XFree86's cvs IDsxf86-4_3_99_903Egbert Eich
2004-02-26Importing vendor version xf86-4_3_99_903 on Wed Feb 26 01:21:00 PST 2004Egbert Eich
2003-11-25XFree86 4.3.99.16 Bring the tree up to date for the Cygwin folksxf86-4_3_99_903_specialxf86-4_3_99_902xf86-4_3_99_901xf86-4_3_99_16xf86-012804-2330Kaleb Keithley
2003-11-14XFree86 4.3.0.1xf86-4_3_0_1PRE_xf86-4_3_0_1Kaleb Keithley
2003-11-14R6.6 is the Xorg base-lineXORG-MAINXORG-STABLEKaleb Keithley