| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Also update to latest ci-templates
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
AC_PROG_LIBTOOL was replaced by LT_INIT in libtool 2 in 2008,
so it's time to rely on it.
Clears autoconf warnings:
configure.ac:13: warning: The macro `AC_PROG_LIBTOOL' is obsolete.
configure.ac:13: You should run autoupdate.
aclocal.m4:3640: AC_PROG_LIBTOOL is expanded from...
configure.ac:13: the top level
libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([m4])' to configure.ac,
libtoolize: and rerunning libtoolize and aclocal.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Oracle no longer includes this term in our copyright & license notices.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Fixes numerous gcc warnings of the form:
sm_client.c: In function ‘SmcOpenConnection’:
SMlibint.h:109:25: warning: potential null pointer dereference [-Wnull-dereference]
*((CARD32 *) _pBuf) = _val; \
SMlibint.h:160:5: note: in expansion of macro ‘STORE_CARD32’
STORE_CARD32 (_pBuf, (CARD32) _len); \
^~~~~~~~~~~~
sm_client.c:207:5: note: in expansion of macro ‘STORE_ARRAY8’
STORE_ARRAY8 (pData, len, previousId);
^~~~~~~~~~~~
v2: Raise required libICE version to 1.1.0 to get the updated
IceGetHeaderExtra macro definition needed for this to work correctly.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Allow us to pass CI without waiting for Debian to pick up yesterday's
release of libICE 1.1.0.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
commit b17f93a1d041e63261ff followed the style of the time it was
written, before commit e77dd2e4bc8227 had removed them.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Kim Woelders <kim@woelders.dk>
Reviewed-by: Corbin Simpson <MostAwesomeDude@gmail.com>
|
|
If a uuid.pc file was found, add it to Requires.private.
Otherwise, add $LIBUUID_LIBS to Libs.private.
Fixes: #1
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Found by using:
codespell --builtin clear,rare,usage,informal,code,names
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
Out of boundary accesses can occur while processing messages. This
affects clients and the session server.
Generally, the code tries to prevent out of boundary accesses. It
initially "skips" over the memory areas by parsing supplied lengths.
Then, it checks if it skipped over the memory boundary. If not, then
data is actually read and memory allocated, etc.
The problem is that while initially skipping over the memory,
subsequent lengths are already parsed, i.e. accessed. This results in
out of boundary reads on hostile messages.
Lengths could also overflow on 32 bit systems, leading to out of
boundary writes if not enough bytes have been allocated.
Authentication is handled by libICE, which is not affected, because the
macros for skipping already take care about memory boundaries.
Therefore, this flaw can only be used by authenticated clients or by
hostile servers (which could simply accept every MIT cookie). Most
session managers only use Unix sockets, so in many cases it takes a
local authenticated user.
In order to fix this, I decided to move the macros from SMlibint.h to
its only callers in sm_process.c, turning them into functions for much
easier error handling and readability.
Instead of skipping over the memory, validation happens during actual
read and memory allocation operations, as it's rather unlikely to
encounter hostile code anyway, i.e. my code has more error cleanup
handling in it.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=103135
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Mihail Konev <k.mvc@ya.ru>
|
|
Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
fall-outs, when they contain space.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Syncs the invocation of configure with the one from the server.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Emil Velikov <emil.velikov@collabora.com>
|
|
Even though this use was safe, some linkers produce a warning
when strcpy() is used, and this is the only use in libSM.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
It should be char *.
Reviewed-by: Adam Jackson <ajax@redhat.com>
|
|
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: David Macek <david.macek.0@gmail.com>
|
|
File exists as a placeholder in case someone someday decides to add
additional auth methods on top of what libICE provides, but it's been
two decades and no one has, so stop spending time compiling & linking
for now.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Clears gcc warning of:
sm_client.c: In function 'SmcOpenConnection':
sm_client.c:199:13: warning: assignment discards 'const' qualifier from
pointer target type [enabled by default]
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
http://people.gnome.org/~walters/docs/build-api.txt
Signed-off-by: Adam Jackson <ajax@redhat.com>
|
|
Signed-off-by: Adam Jackson <ajax@redhat.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Has never been converted to build in modular builds, so has been unusable
since X11R7.0 release in 2005. All known platforms with TLI/XTI support
that X11R7 & later releases run on also have (and mostly prefer) BSD
socket support for their networking API.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
On certain tables, add top and bottom borders to table
header and a bottom border to the table. This matches
what those tables in the old pdfs looked like.
the <?dbfo keep-together='always'> prevents tables from
splitting across pages. Useful for tiny tables.
Converting the colwidth to a floating point,
IE, 1* -> 1.0* cleans up these build errors:
WARNING: table-layout="fixed" and column-width unspecified
=> falling back to proportional-column-width(1)
Signed-off-by: Matt Dew <marcoz@osource.org>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
Needed to fix gcc -Wwrite-strings arguments in callers such as xsm.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
With modern compilers and headers, they cause more problems than they
solve and just hide real issues.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
Takes care of the other block of code confusingly sharing indent levels
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
Gets rid of one of the multiple levels of bracketing that confusingly
shared the same indent level.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
Both variables were locals in different scope levels of the same
function, leading to both confusing code and gcc -Wshadow warnings:
sm_genid.c: In function 'SmsGenerateClientID':
sm_genid.c:160:10: warning: declaration of 'temp' shadows a previous local
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: James Cloos <cloos@jhcloos.com>
|
|
1 - fix the capitalization of the ID attributes to match either the
<title> or <funcdef> string it goes with.
2 - fix any <linkend>'s that were affected by 1.
3 - any <function> in the docs that has an actual funcdef,
will become an olink.
Signed-off-by: Matt Dew <marcoz@osource.org>
|
|
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
git diff -w & git diff -b show no diffs from this change
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
