summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2024-07-20XRecordGetContext: Avoid double free in error pathAlan Coopersmith
XRecordFreeState() will handle the free for us, so let it. Found by gcc 14.1: XRecord.c:514:31: warning: use after ‘free’ of ‘*state.client_info + i * 8’ [CWE-416] [-Wanalyzer-use-after-free] 514 | if (state->client_info[i]->ranges) { | ~~~~~~~~~~~~~~~~~~^~~ [...] | 455 | free(client_inf); | | ~~~~~~~~~~~~~~~~ | | | | | (18) freed here Fixes: e7e04b7 ("integer overflow in XRecordGetContext() [CVE-2013-2063]") Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxtst/-/merge_requests/7>
2022-09-28Coverity CID 1373522: Fix memory leakChristos Zoulas
Signed-off-by: Thomas Klausner <wiz@gatalith.at>
2022-08-20Remove obsolete casts from Xmalloc() and Xcalloc() callsAlan Coopersmith
Not needed in C89 and later Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2022-08-18Variable scope reductions as suggested by cppcheckAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2022-08-18Resolve -Wsign-compare warningsAlan Coopersmith
XRecord.c: In function ‘XRecordFreeState’: XRecord.c:515:15: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] for(i=0; i<state->nclients; i++) { ^ XRecord.c: In function ‘parse_reply_call_callback’: XRecord.c:752:25: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 4 > rep->length << 2) ^ XRecord.c:759:28: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 1 > rep->length << 2) ^ XRecord.c:763:25: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 8 > rep->length << 2) ^ XRecord.c:777:25: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 4 > rep->length << 2) ^ XRecord.c:785:25: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 4 > rep->length << 2) ^ XRecord.c:792:28: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 4 > rep->length<<2) ^ XRecord.c:797:25: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 8 > rep->length << 2) ^ XRecord.c:810:28: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 8 > rep->length << 2) ^ XRecord.c:818:25: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index + 4 > rep->length << 2) ^ XRecord.c:824:31: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] } else if (current_index < rep->length << 2) ^ XRecord.c:830:24: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] if (current_index < rep->length << 2) ^ XRecord.c:859:27: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] } while (current_index<rep->length<<2); ^ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2022-08-18send_axes: Mark switch statement fallthrough as intentionalAlan Coopersmith
Quiets gcc warnings: XTest.c: In function ‘send_axes’: XTest.c:274:19: warning: this statement may fall through [-Wimplicit-fallthrough=] ev.valuator5 = *(axes+5); ~~~~~~~~~~~~~^~~~~~~~~~~ XTest.c:275:2: note: here case 5: ^~~~ XTest.c:276:19: warning: this statement may fall through [-Wimplicit-fallthrough=] ev.valuator4 = *(axes+4); ~~~~~~~~~~~~~^~~~~~~~~~~ XTest.c:277:2: note: here case 4: ^~~~ XTest.c:278:19: warning: this statement may fall through [-Wimplicit-fallthrough=] ev.valuator3 = *(axes+3); ~~~~~~~~~~~~~^~~~~~~~~~~ XTest.c:279:2: note: here case 3: ^~~~ XTest.c:280:19: warning: this statement may fall through [-Wimplicit-fallthrough=] ev.valuator2 = *(axes+2); ~~~~~~~~~~~~~^~~~~~~~~~~ XTest.c:281:2: note: here case 2: ^~~~ XTest.c:282:19: warning: this statement may fall through [-Wimplicit-fallthrough=] ev.valuator1 = *(axes+1); ~~~~~~~~~~~~~^~~~~~~~~~~ XTest.c:283:2: note: here case 1: ^~~~ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2016-09-25Out of boundary access and endless loop in libXtstTobias Stoeckmann
A lack of range checks in libXtst allows out of boundary accesses. The checks have to be done in-place here, because it cannot be done without in-depth knowledge of the read data. If XRecordStartOfData, XRecordEndOfData, or XRecordClientDied without a client sequence have attached data, an endless loop would occur. The do-while-loop continues until the current index reaches the end. But in these cases, the current index would not be incremented, leading to an endless processing. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
2013-11-22Remove fallback for _XEatDataWords, require libX11 1.6 for itMichael Joost
_XEatDataWords was orignally introduced with the May 2013 security patches, and in order to ease the process of delivering those, fallback versions of _XEatDataWords were included in the X extension library patches so they could be applied to older versions that didn't have libX11 1.6 yet. Now that we're past that hurdle, we can drop the fallbacks and just require libX11 1.6 for building new versions of the extension libraries. Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-05-07integer overflow in XRecordGetContext() [CVE-2013-2063]Alan Coopersmith
The nclients and nranges members of the reply are both CARD32 and need to be bounds checked before multiplying by the size of the structs to avoid integer overflow leading to underallocation and writing data from the network past the end of the allocated buffer. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-04-13Use _XEatDataWords to eat data in error casesAlan Coopersmith
Avoids having to do calculcations based on response contents Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2012-04-27Move -I flags from AM_CFLAGS to AM_CPPFLAGSAlan Coopersmith
Ensures local copy of headers takes precedence over any -I flags the builder may have passed in CPPFLAGS. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
2011-11-10Fix gcc -Wwrite-strings warningsAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2011-09-16Strip trailing whitespaceAlan Coopersmith
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}' git diff -w & git diff -b show no diffs from this change Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2010-10-13Allow more than 6 axes to be sent.Tobias Koch
From: Tobias Koch <tobias.koch@nokia.com> If the number of axes exceeds 6, X server will return BadValue for XTestFakeInput because the number of axes in a single DeviceValuator event is incorrectly set to the total number of axes. Signed-off-by: Tobias Koch <tobias.koch@nokia.com> Reviewed-by: Rami Ylimäki <rami.ylimaki@vincit.fi> Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
2010-10-06Purge cvs tags.Jesse Adkins
Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2010-07-08Purge macros NEED_EVENTS and NEED_REPLIESFernando Carrijo
Signed-off-by: Fernando Carrijo <fcarrijo@yahoo.com.br> Acked-by: Tiago Vignatti <tiago.vignatti@nokia.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2010-02-16config: move CWARNFLAGS from configure.ac to Makefile.amGaetan Nadon
Compiler warning flags should be explicitly set in the makefile rather than being merged with other packages compiler flags. Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
2009-08-20Include recordproto.h instead of recordstr.hPeter Hutterer
2009-08-20Move record headers to here.Peter Hutterer
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
2009-08-14XRecord: avoid use of uninitialised variables.Peter Hutterer
Both variables are initialized inside an if condition but later checked for NULL. Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
2009-07-20Move XTest.h header from xextproto/libXext to here.Peter Hutterer
XTest.h was in xextproto until xextproto-7.1 and did a short but whoefully misguided visit to libXext during the cleanup of the xextproto headers. Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
2009-07-16Include xtestproto.h, not xteststr.hPeter Hutterer
Require xextproto 7.0.99.1. Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
2009-01-30Janitor: ansification, make distcheck, compiler warnings.Paulo Cesar Pereira de Andrade
Manual page generation, and xmlto handling, shamelessly cut&paste'd from libXi/man/Makefile.am, so that make distcheck will work.
2008-05-19Rename parameters to clarify QueryExtension call.Peter Hutterer
These parameters are not treated as input. Rename them to make the inner workings slightly more obvious. X.Org Bug 14511 <http://bugs.freedesktop.org/show_bug.cgi?id=14511>
2007-06-06Coverity #578/579: Don't leak memory if one malloc fails but other succeedsAlan Coopersmith
(Unlikely to happen, since the smaller malloc was first, but still possible.)
2007-06-06ANSIfy static function declarations (clears some lint warnings)Alan Coopersmith
2007-06-06Add hooks to check code with sparse/lintAlan Coopersmith
2006-07-13renamed: .cvsignore -> .gitignoreAlan Coopersmith
2005-08-03Do PKG_CHECK_MODULES on a unique token instead of on "DEP", so builds withAdam Jackson
a global configure cache don't get confused.
2005-07-16Set soversion to 6.1.0 with -version-number.Daniel Stone
2005-07-14more trailing whitespaceAdam Jackson
2005-07-09Add .cvsignore files Switch _la_CFLAGS for AM_CFLAGS to clean up directoryKeith Packard
2005-07-02Add appropriate lib*_CFLAGS to Makefile.am's -- fixes build problemsKevin E Martin
2005-06-13- Add Xtst to symlink.shSøren Sandmann Pedersen
- Add Xtst build system
2004-05-24Fix build glitches when building modules independently using Imake.xprint_packagertest_20041217_basexprint_packagertest_20041125_basesco_port_update-baserel-0-6-1lg3d-rel-0-7-0lg3d-rel-0-6-2lg3d-baseXORG-6_8_99_903XORG-6_8_99_902XORG-6_8_99_901XORG-6_8_99_900XORG-6_8_99_9XORG-6_8_99_8XORG-6_8_99_7XORG-6_8_99_6XORG-6_8_99_5XORG-6_8_99_4XORG-6_8_99_3XORG-6_8_99_2XORG-6_8_99_16XORG-6_8_99_15XORG-6_8_99_14XORG-6_8_99_13XORG-6_8_99_12XORG-6_8_99_11XORG-6_8_99_10XORG-6_8_99_1XORG-6_8_2XORG-6_8_1_904XORG-6_8_1_903XORG-6_8_1_902XORG-6_8_1_901XORG-6_8_1XORG-6_8_0XORG-6_7_99_904XORG-6_7_99_903XORG-6_7_99_902XORG-6_7_99_901XORG-6_7_99_2XORG-6_7_99_1xprint_packagertest_20041217xprint_packagertest_20041125sco_port_updatelg3d-masterlg3d-eventlg3d-dev-0-7-1lg3d-dev-0-7-0lg3d-dev-0-6-latestlg3d-dev-0-6-2lg3d-dev-0-6-1-latestlg3d-dev-0-6-1-currentlg3d-dev-0-6-1-1lg3d-dev-0-6-1lg3dXORG-6_8-branchCOMPOSITEWRAPEgbert Eich
2004-04-23Merging XORG-CURRENT into trunkXACE-SELINUX-MERGEEgbert Eich
2004-03-14Importing vendor version xf86-4_4_99_1 on Sun Mar 14 00:26:39 PST 2004xf86-4_4_99_1Egbert Eich
2004-03-03Importing vendor version xf86-4_4_0 on Wed Mar 3 04:09:24 PST 2004xf86-4_4_0STSF-CURRENTEgbert Eich
2004-02-26readding XFree86's cvs IDsxf86-4_3_99_903Egbert Eich
2004-02-26Importing vendor version xf86-4_3_99_903 on Wed Feb 26 01:21:00 PST 2004Egbert Eich
2003-11-25XFree86 4.3.99.16 Bring the tree up to date for the Cygwin folksxf86-4_3_99_903_specialxf86-4_3_99_902xf86-4_3_99_901xf86-4_3_99_16xf86-012804-2330Kaleb Keithley
2003-11-14XFree86 4.3.0.1xf86-4_3_0_1PRE_xf86-4_3_0_1Kaleb Keithley
2003-11-14R6.6 is the Xorg base-lineXORG-MAINXORG-STABLEKaleb Keithley