Age | Commit message | Author |
|
We unconditionally require inet_pton() for our IPv6 check so let's use
the same call for the IPv4 check too. This removes the need for
inet_aton() which is labelled as deprecated because it doesn't support
IPv6.
Part-of: <https://gitlab.freedesktop.org/xorg/app/xhost/-/merge_requests/8>
|
|
Found by gcc 13.2 on Solaris 11.4:
xhost.c: In function ‘change_host’:
xhost.c:522:18: warning: ‘user2netname’ accessing 256 bytes in a region of
size 255 [-Wstringop-overflow=]
522 | if (!user2netname(username, pwd->pw_uid, domainname)) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
xhost.c:522:18: note: referencing argument 1 of type ‘char[256]’
In file included from /usr/include/rpc/rpc.h:35,
from xhost.c:98:
/usr/include/rpc/auth.h:316:12: note: in a call to function ‘user2netname’
316 | extern int user2netname(char [MAXNETNAMELEN + 1], const uid_t, const char *);
| ^~~~~~~~~~~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/app/xhost/-/merge_requests/7>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Originally fixed for Solaris in May 2000 by Steve Swales under
Sun bug 4256527 "xhost messages not internationalized"
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Originally fixed for Solaris in Oct. 2002 under Sun bug 4759889
"xhost does not accept raw IPv6 numeric address"
Before this fix:
% xhost +2001:DB8::11
xhost: unknown address family "2001"
xhost: bad hostname "2001:DB8::11"
After this fix:
% xhost +2001:DB8::11
2001:DB8::11 being added to access control list
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
While parsing Xorg responses it is possible to trigger an out of
boundary read if the response does not contain enough bytes.
In case of IPv4, the padding normally prevents this, but IPv6
addresses can trigger an out of boundary read.
It takes a hostile xorg-server to reproduce this issue. If
os/access.c is adjusted to always use a length of 1, it is possible
to reproduce it and make it visible with an ASAN-compiled xhost.
Reading past the memory boundary could reveal sensitive information
to external DNS servers, because a lookup will be performed.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
implicit-function-declaration warnings
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: David Macek <david.macek.0@gmail.com>
|
|
xhost.c: In function ‘change_host’:
xhost.c:452:13: warning: assignment discards ‘const’ qualifier from pointer target type [enabled by default]
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Quiets clang warning:
xhost.c:812:21: warning: unused parameter 'sig' [-Wunused-parameter]
nameserver_lost(int sig)
^
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
wait
Win32 has neither SIGALRM nor sigaction(), so don't use SIGALRM to timeout
gethostaddr(), just wait
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
|
|
X_NOT_POSIX has never been defined by our autoconf scripts, only for a few
platforms in <X11/Xosdefs.h>, of which MinGW seems to be the most relevant
today, and since that doesn't have alarm() it doesn't need this code either.
First pass was done with 'unifdef -UX_NOT_POSIX', followed by
manual tweaking to adjust indent levels, etc.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jon TURNEY <jon.turney@dronecode.org.uk>
|
|
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
|
|
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
|
|
xhost.c:154:19: warning: comparison of integers of different signs: 'int' and 'unsigned long' [-Wsign-compare]
for (i = 0; i < FAMILIES; i++)
~ ^ ~~~~~~~~
xhost.c:310:15: warning: implicit conversion loses integer precision: 'size_t' (aka 'unsigned long') to 'int' [-Wshorten-64-to-32]
namelen = strlen(name);
~ ^~~~~~~~~~~~
xhost.c:311:40: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
if ((lname = (char *)malloc(namelen+1)) == NULL) {
~~~~~~ ~~~~~~~^~
xhost.c:707:46: warning: implicit conversion changes signedness: 'int' to 'socklen_t' (aka 'unsigned int') [-Wsign-conversion]
getnameinfo((struct sockaddr *) &saddr, saddrlen, inetname,
~~~~~~~~~~~ ^~~~~~~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Fixes gcc warnings:
xhost.c:290: warning: declaration of 'dpy' shadows a global declaration
xhost.c:160: warning: shadowed declaration is here
xhost.c:839: warning: declaration of 'dpy' shadows a global declaration
xhost.c:160: warning: shadowed declaration is here
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Drops use of autoconf's obsolete AC_TYPE_SIGNAL and the even more
obsolete Imake SIGNALRETURNSINT.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Has never been converted to build in modular builds, so has been unusable
since X11R7.0 release in 2005. All known platforms with TLI/XTI support
that X11R7 & later releases run on also have (and mostly prefer) BSD
socket support for their networking API.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Has never been converted to build in modular builds, so has been unusable
since X11R7.0 release in 2005. DNETCONN support was removed from xtrans
back in 2008.
Performed via "unifdef -UDNETCONN".
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Fixes gcc warning:
xhost.c:453:6: warning: declaration of ‘namelen’ shadows a previous local
xhost.c:339:9: warning: shadowed declaration is here
Also removes unnecessary malloc and memcpy by just using the string
pointers we already have, since XAddHost & XRemoveHost will copy the
specified length of text from the strings to the Xlib request buffer
before returning, not relying on nil termination.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
|
|
We don't need a display to show the usage message.
X.Org bug#39633 <https://bugs.freedesktop.org/show_bug.cgi?id=39633>
Signed-off-by: Julien Cristau <jcristau@debian.org>
|
|
In the ServerInterpreted case, XAddHost and XRemoveHost are capable of
failing when they lack request buffer memory. Notice this situation,
and report correctly.
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Julien Cristau <jcristau@debian.org>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
|
|
cvs: ----------------------------------------------------------------------
|
|
- remove unused file.