| Age | Commit message (Collapse) | Author |
|---|
|
Found by gcc 14.1:
Xv.c: In function ‘XvQueryAdaptors’:
Xv.c:222:31: warning: dereference of NULL ‘<unknown>’ [CWE-476]
[-Wanalyzer-null-dereference]
222 | pa->type = (char) u.pa->type;
| ~~~~^~~~~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxv/-/merge_requests/7>
|
|
Found by gcc 14.1:
Xv.c: In function ‘XvQueryEncodings’:
Xv.c:387:31: warning: dereference of NULL ‘<unknown>’ [CWE-476]
[-Wanalyzer-null-dereference]
387 | pe->encoding_id = u.pe->encoding;
| ~~~~^~~~~~~~~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxv/-/merge_requests/7>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxv/-/merge_requests/7>
|
|
AC_PROG_LIBTOOL was replaced by LT_INIT in libtool 2 in 2008,
so it's time to rely on it.
Clears autoconf warnings:
configure.ac:34: warning: The macro `AC_PROG_LIBTOOL' is obsolete.
configure.ac:34: You should run autoupdate.
aclocal.m4:3465: AC_PROG_LIBTOOL is expanded from...
configure.ac:34: the top level
libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([m4])' to configure.ac,
libtoolize: and rerunning libtoolize and aclocal.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Oracle no longer includes this term in our copyright & license notices.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Clears 62 -Wimplicit-int-conversion, 38 -Wshorten-64-to-32, and
11 -Wsign-conversion warnings.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Clears 20 clang warnings of the form:
Xv.c:126:34: warning: empty expression statement has no effect;
remove unnecessary ';' to silence this warning [-Wextra-semi-stmt]
XvGetReq(QueryExtension, req);
^
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Found by using:
codespell --builtin clear,rare,usage,informal,code,names
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Mihail Konev <k.mvc@ya.ru>
|
|
Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
fall-outs, when they contain space.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Syncs the invocation of configure with the one from the server.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Emil Velikov <emil.velikov@collabora.com>
|
|
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
|
|
The Xv query functions for adaptors and encodings suffer from out of
boundary accesses if a hostile X server sends a maliciously crafted
response.
A previous fix already checks the received length against fixed values
but ignores additional length specifications which are stored inside
the received data.
These lengths are accessed in a for-loop. The easiest way to guarantee
a correct processing is by validating all lengths against the
remaining size left before accessing referenced memory.
This makes the previously applied check obsolete, therefore I removed
it.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
Breaks out of tree lintlib builds by causing VPATH lookup to fail.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
_XEatDataWords was orignally introduced with the May 2013 security
patches, and in order to ease the process of delivering those,
fallback versions of _XEatDataWords were included in the X extension
library patches so they could be applied to older versions that didn't
have libX11 1.6 yet. Now that we're past that hurdle, we can drop
the fallbacks and just require libX11 1.6 for building new versions
of the extension libraries.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Reduce code duplication, make error checking & cleanup more consistent
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
If we failed to allocate the buffer to _XRead into, discard the
rest of the reply, instead of leaving it to confuse the reading
of the next reply.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
xvproto.h names don't match those required by the Xlibint.h GetReq* macros,
but at least we can rely on the _XGetRequest function for the bulk of the
work now, instead of duplicating it.
Also clears clang warnings repeated for every request function:
Xv.c:137:5: warning: cast from 'char *' to 'xvQueryExtensionReq *' increases re
quired alignment from 1 to 2 [-Wcast-align]
XvGetReq(QueryExtension, req);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./Xvlibint.h:52:8: note: expanded from macro 'XvGetReq'
req = (xv##name##Req *)(dpy->last_req = dpy->bufptr);\
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Xv.c:137:5: warning: implicit conversion loses integer precision: 'int' to 'CAR
D8' (aka 'unsigned char') [-Wconversion]
XvGetReq(QueryExtension, req);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./Xvlibint.h:53:30: note: expanded from macro 'XvGetReq'
req->reqType = info->codes->major_opcode;\
~ ~~~~~~~~~~~~~^~~~~~~~~~~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
|
|
Makes code clearer, and using ~3U instead of ~3 clears some signed int
warnings.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Clears up:
Xv.c:196:21: warning: implicit conversion changes signedness: 'CARD32' (aka 'unsigned int') to 'int' [-Wsign-conversion]
size = rep.length << 2;
~ ~~~~~~~~~~~^~~~
Xv.c:212:41: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
if ((pas=(XvAdaptorInfo *)Xmalloc(size))==NULL) {
~~~~~~~~^~~~~
Xv.c:236:43: warning: implicit conversion changes signedness: 'int' to 'unsigned long' [-Wsign-conversion]
pa->num_adaptors = rep.num_adaptors - ii;
~ ~~~~~~~~~~~~~~~~~^~~~
Xv.c:243:40: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
if ( (name = (char *)Xmalloc(size+1)) == NULL)
~~~~~~~~~~~~^~~
Xv.c:251:37: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
(void)strncpy(name, u.string, size);
~~~~~~~ ^~~~
Xv.c:260:36: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
if ((pfs=(XvFormat *)Xmalloc(size))==NULL) {
~~~~~~~~^~~~~
Xv.c:269:20: warning: comparison of integers of different signs: 'int' and 'unsigned long' [-Wsign-compare]
for (jj=0; jj<pa->num_formats; jj++) {
~~^~~~~~~~~~~~~~~~
Xv.c:259:29: warning: implicit conversion loses integer precision: 'unsigned long' to 'int' [-Wshorten-64-to-32]
size = pa->num_formats*sizeof(XvFormat);
~ ~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
Xv.c:305:16: warning: comparison of integers of different signs: 'int' and 'unsigned long' [-Wsign-compare]
for (ii=0; ii<pAdaptors->num_adaptors; ii++, pa++)
~~^~~~~~~~~~~~~~~~~~~~~~~~
Xv.c:356:21: warning: implicit conversion changes signedness: 'CARD32' (aka 'unsigned int') to 'int' [-Wsign-conversion]
size = rep.length << 2;
~ ~~~~~~~~~~~^~~~
Xv.c:369:41: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
if ( (pes = (XvEncodingInfo *)Xmalloc(size)) == NULL) {
~~~~~~~~^~~~~
Xv.c:392:45: warning: implicit conversion changes signedness: 'int' to 'unsigned long' [-Wsign-conversion]
pe->num_encodings = rep.num_encodings - jj;
~ ~~~~~~~~~~~~~~~~~~^~~~
Xv.c:397:40: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
if ( (name = (char *)Xmalloc(size+1)) == NULL) {
~~~~~~~~~~~~^~~
Xv.c:404:31: warning: implicit conversion changes signedness: 'int' to 'size_t' (aka 'unsigned long') [-Wsign-conversion]
strncpy(name, u.string, size);
~~~~~~~ ^~~~
Xv.c:433:16: warning: comparison of integers of different signs: 'int' and 'unsigned long' [-Wsign-compare]
for (ii=0; ii<pEncodings->num_encodings; ii++, pe++) {
~~^~~~~~~~~~~~~~~~~~~~~~~~~~
Xv.c:886:27: warning: comparison of integers of different signs: 'int' and 'CAR
D32' (aka 'unsigned int') [-Wsign-compare]
for (i = 0; i < rep.num_attributes; i++) {
~ ^ ~~~~~~~~~~~~~~~~~~
Xv.c:946:27: warning: comparison of integers of different signs: 'int' and 'CAR
D32' (aka 'unsigned int') [-Wsign-compare]
for (i = 0; i < rep.num_formats; i++) {
~ ^ ~~~~~~~~~~~~~~~
Xv.c:1100:5: warning: comparison of integers of different signs: 'int' and 'unsigned int' [-Wsign-compare]
SetReqLen(req, len, len);
^~~~~~~~~~~~~~~~~~~~~~~~
X11/Xlibint.h:530:27: note: expanded from macro 'SetReqLen'
if ((req->length + n) > (unsigned)65535) { \
^ ~~~~~~~~~~~~~~~
Xv.c:1100:20: warning: implicit conversion changes signedness: 'int' to 'unsigned int' [-Wsign-conversion]
SetReqLen(req, len, len);
~~~~~~~~~~~~~~~^~~~~~~~~
X11/Xlibint.h:532:21: note: expanded from macro 'SetReqLen'
MakeBigReq(req,n) \
^
X11/Xlibint.h:505:35: note: expanded from macro 'MakeBigReq'
((CARD32 *)req)[1] = _BRlen + n + 2; \
~ ^
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
|
|
Having differing indent levels of 2, 3, & 4 spaces hurts my eyes.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
memory.
This patch attempts to fix this bug by ensuring that there is at least one
nil byte at the end of all the name strings. This should prevent reading
past the end of the allocation as well as exposing uninitialized memory.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
num_planes is a CARD32 and needs to be bounds checked before bit shifting
and adding to sizeof(XvImage) to come up with the total size to allocate,
to avoid integer overflow leading to underallocation and writing data from
the network past the end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
num_formats is a CARD32 and needs to be bounds checked before multiplying
by sizeof(XvImageFormatValues) to come up with the total size to allocate,
to avoid integer overflow leading to underallocation and writing data from
the network past the end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Each attribute returned in the reply includes the number of bytes
to read for its marker. We had been always trusting it, and never
validating that it wouldn't cause us to write past the end of the
buffer we allocated based on the reported text_size.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
The num_attributes & text_size members of the reply are both CARD32s
and need to be bounds checked before multiplying & adding them together
to come up with the total size to allocate, to avoid integer overflow
leading to underallocation and writing data from the network past the
end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
http://people.gnome.org/~walters/docs/build-api.txt
Signed-off-by: Adam Jackson <ajax@redhat.com>
|
|
Signed-off-by: Adam Jackson <ajax@redhat.com>
|
|
Signed-off-by: Thomas Klausner <wiz@NetBSD.org>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=22829
Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>
|
|
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
git diff -w & git diff -b show no diffs from this change
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Group statements per section as per Autoconf standard layout
Quote statements where appropriate.
Autoconf recommends not using dnl instead of # for comments
Use AC_CONFIG_FILES to replace the deprecated AC_OUTPUT with parameters.
Add AC_CONFIG_SRCDIR([Makefile.am])
Remove redundant AC_SUBST(*_CFLAGS) and/or *_LIBS
No functional configuration changes
This helps automated maintenance and release activities.
Details can be found in http://wiki.x.org/wiki/NewModuleGuidelines
|
|
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
|
|
XORG_STRICT_OPTION from XORG_DEFAULT_OPTIONS calls
AC_PROG_C_C99. This sets gcc with -std=gnu99.
If AC_PROG_CC macro is called afterwards, it resets CC to gcc.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
