| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
If we find that $XDG_RUNTIME_DIR is set (and $ICEAUTHORITY is not), then
the ICEauthority file is stored in the XDG_RUNTIME_DIR instead of the
home directory, and without a leading dot.
https://bugs.freedesktop.org/show_bug.cgi?id=49173
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
There is a theoretical edge case where the $HOME environment variable
could be set to the empty string. IceAuthFileName() unconditionally
checks index 1 of this string, which is out of bounds.
Fix that up by rejecting empty strings in the same way as we reject
NULL.
https://bugs.freedesktop.org/show_bug.cgi?id=49173
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
free() can handle NULL just fine - remove the check.
Signed-off-by: Walter Harms <wharms@bfs.de>
Reviewed-by: Eric Engestrom <eric.engestrom@imgtec.com>
Reviewed-by: Emil Velikov <emil.velikov@collabora.com>
|
|
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Eric Engestrom <eric.engestrom@imgtec.com> (IRC)
|
|
Analogous to previous commit, including the megacommit that removed the
need for it.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Eric Engestrom <eric.engestrom@imgtec.com> (IRC)
|
|
The function IceAuthFileName is vulnerable to a use after free. The
flaw can be triggered by calling the function three times:
- First call succeeds and stores the path in buf, a dynamically
allocated buffer with size bsize.
- Second call fails due to out of memory. It frees buf, but keeps
the old size in bsize.
- Third call only checks if bsize is large enough. Then it uses
buf without allocating it again -- the use after free happens.
In order to exploit this, an attacker must change environment variables
between each call, namely ICEAUTHORITY or HOME. It also takes subsequent
calls. Due to these limitations, I don't consider this to be of high
priority.
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Needed to fix const string warnings in iceauth - functions already
copy provided arguments to temporary local buffer for modifications.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Needed to clear gcc -Wwrite-strings warnings in callers
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
|
|
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
git diff -w & git diff -b show no diffs from this change
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
From Magnus Kessler <Magnus.Kessler@gmx.net>
http://lists.freedesktop.org/archives/xorg/2008-October/039799.html
http://lists.freedesktop.org/archives/xorg/attachments/20081030/b2ea5b1c/attachment-0001.bin
|
|
convert all old style function declarations
see also: Paulo Cesar Pereira de Andrade <pcpa@mandriva.com.br>
http://bugs.freedesktop.org/show_bug.cgi?id=14683
http://bugs.freedesktop.org/attachment.cgi?id=14582
see also: Magnus Kessler <Magnus.Kessler@gmx.net>
http://lists.freedesktop.org/archives/xorg/2008-October/039799.html
http://lists.freedesktop.org/archives/xorg/attachments/20081030/b2ea5b1c/attachment-0001.bin
|
|
|
|
|
|
Add XSERV_t, TRANS_SERVER, TRANS_REOPEN to quash warnings.
Add #include <dix-config.h> or <xorg-config.h>, as appropriate, to all
source files in the xserver/xorg tree, predicated on defines of
HAVE_{DIX,XORG}_CONFIG_H. Change all Xfont includes to
<X11/fonts/foo.h>.
|
|
- Add ICE to symlink.sh
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
