| Age | Commit message (Collapse) | Author |
|---|
|
Found by using:
codespell --builtin clear,rare,usage,informal,code,names
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
We introduced a new label to handle the errors, we should use it
for the rest of the function.
Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
|
|
The original macro might exit the function without freeing `colorTable`.
Move the macros into a slightly less awful helper function and use goto
to clean up in case of error.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Found by Oracle's Parfait 2.2 static analyzer:
Error: File Leak
File Leak [file-ptr-leak]:
Leaked File fp
at line 94 of lib/libXpm/src/RdFToBuf.c in function 'XpmReadFileToBuffer
'.
fp initialized at line 86 with fdopen
fp leaks when len < 0 at line 92.
Introduced-by: commit 8b3024e6871ce50b34bf2dff924774bd654703bc
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=46475
https://bugs.freedesktop.org/attachment.cgi?id=57479
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
The values of file sizes and buffer sizes can exceed current limits.
Therefore, use proper variable types for these operations.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
libXpm uses unsigned int to store sizes, which fits size_t on 32 bit
systems, but leads to issues on 64 bit systems.
On 64 bit systems, it is possible to overflow 32 bit integers while
parsing XPM extensions in a file.
At first, it looks like a rather unimportant detail, because nobody
will seriously open a 4 GB file. But unfortunately XPM has support for
gzip compression out of the box. An attacker can therefore craft a
compressed file which is merely 4 MB in size, which makes an attack
much for feasable.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
libXpm does not properly handle EOF conditions when xpmGetC is called
multiple times in a row to construct a string. Instead of checking
its return value for EOF, the result is automatically casted into a
char and attached to a string.
By carefully crafting the color table in an XPM file, it is possible to
send a libXpm program like gimp into a very long lasting loop and
massive memory allocations.
Otherwise no memory issues arise, therefore this is just a purely
functional patch to dismiss invalid input.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <Matthieu@herrb.eu>
|
|
libXpm is vulnerable to an out of boundary read if an XPM file contains
a color with a symbolic name but without any default color value.
A caller must set XpmColorSymbols and a color with a NULL name in
the supplied XpmAttributes to XpmReadFileToImage (or other functions of
this type) in order to trigger this issue.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
For long arguments, use labs().
Reviewed-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Thomas Klausner <wiz@NetBSD.org>
|
|
When NO_ZPIPE is defined, fcntl.h is not included in WrFFrI.c
although OpenWriteFile uses open, O_WRONLY, O_CREAT and O_TRUNC.
* src/WrFFrI.c: unconditionally include fcntl.h regardless
of NO_ZPIPE being defined or not.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
The filename is always a read-only argument, so it is a good idea
to let the caller now about it.
This patch does not change active code; the place where the attribute
is added will not break source-level compatibility because it adds
no restriction on caller side, just adds information; because the
lib code behaved the same way it will not break the binary interface
either.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Fixes leak found by parfait 1.1 bug checking tool:
File Descriptor Leak: Leaked File Descriptor fd
at line 350 of lib/libXpm/src/WrFFrI.c in function 'OpenWriteFile'.
fd initialized at line 332 with open
fd leaks when strcmp(".Z", (filename + (len - 2))) != 0 at line 337
and strcmp(".gz", (filename + (len - 3))) != 0 at line 340.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
|
|
create.c: In function 'closeness_cmp':
create.c:224:5: warning: cast discards qualifiers from pointer target type
create.c:224:5: warning: cast discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
This fixes implicit declarations for strdup and strcasecmp.
Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
git diff -w & git diff -b show no diffs from this change
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Reduce some complexity in the src makefile as it should not
handle sibling directories.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
|
|
It is always included by Automake
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
|
|
CVS tag removal chopped too much out in this case...
Signed-off-by: Julien Cristau <jcristau@debian.org>
|
|
Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
|
|
The ansification code is minor edit of the patch (by me) at
https://bugs.freedesktop.org/show_bug.cgi?id=14727
as it would not apply cleanly anymore.
|
|
|
|
|
|
* src/XpmI.h [FOR_MSW]: Include simx.h instead of real X headers.
* src/simx.h (_XFUNCPROTOBEGIN, _XFUNCPROTOEND, NO_ZPIPE): Define.
(XAllocColor): Fix arg list in prototype.
(bzero, close, fdopen, index, rindex, open, strdup, O_RDONLY):
Map to W32 equivalents.
* src/RdFToI.c [FOR_MSW]: Include fcntl.h.
|
|
Clears some warnings from automake-1.10
|
|
|
|
free a random value from the stack if xpmHashTableInit returns an
error.
|
|
when xpmHashTableInit failed)
|
|
when xpmHashTableInit failed)
|
|
CID 121).
|
|
Fix man page installation
|
|
type.
|
|
|
|
|
|
|
|
- Add Xpm to symlink.sh
- Conditionally include config.h in xc/extras/Xpm
|
|
|
|
|
|
|
|
in the pipe. Remove extraneous tests on file names that broke some
applications. From Alex Reisen in Bugzilla #1920.
|
|
|
|
Alan Coopersmith from release 6.8.1.
Fail during initialization with error if font/fontset is not set for
widget. This prevents a sig11 later when the non-existent font/fontset
structs are referenced.
Check if xf86Info.kbdProc pointer is really set before calling it on abort
as this pointer won't be set if the new modular keyboard driver is used
(Matthias Hopf).
Added new libs to the bindist control files.
Removed inclusion of unnecessary kernel header on Linux. This may fail in
an -ansi environment.
|
|
|
|
|
|
|
|
|
