summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2018-09-22Fix sign comparison warnings for loop indexesAlan Coopersmith
XvMC.c: In function ‘XvMCListSurfaceTypes’: XvMC.c:124:19: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] for(i = 0; i < rep.num; i++) { ^ XvMC.c: In function ‘XvMCListSubpictureTypes’: XvMC.c:185:26: warning: comparison between signed and unsigned integer expressions [-Wsign-compare] for(i = 0; i < rep.num; i++) { ^ Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2018-09-22Need to check for -1, not 0, to determine if shmat() failedAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2018-09-22Fix handling of shmKey in XvMCGetDRInfoNeha Gupta
If we store the result of shmget in a CARD32 (unsigned int), then checking if it returned -1 for an error by using >= 0 doesn't work. Also, once the request is flushed from the buffer (as XReply does), there's no guarantee the values in it are still valid, so it's better to rely on our local variable instead. Fixes: https://gitlab.freedesktop.org/xorg/lib/libxvmc/issues/1 Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2016-09-25Avoid buffer underflow on empty strings.Tobias Stoeckmann
If an empty string is received from an x-server, do not underrun the buffer by accessing "rep.nameLen - 1" unconditionally, which could end up being -1. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
2013-11-22Remove fallback for _XEatDataWords, require libX11 1.6 for itMichael Joost
_XEatDataWords was orignally introduced with the May 2013 security patches, and in order to ease the process of delivering those, fallback versions of _XEatDataWords were included in the X extension library patches so they could be applied to older versions that didn't have libX11 1.6 yet. Now that we're past that hurdle, we can drop the fallbacks and just require libX11 1.6 for building new versions of the extension libraries. Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-06-24Require ANSI C89 pre-processor, drop pre-C89 token pasting supportAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-06-06avoid overflowing by making nameLen and busIDLen addition overflowJulien Cristau
Al Viro pointed this out on lwn: if nameLen + busIDLen overflows, we end up copying data from outside tmpBuf. Reported-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Julien Cristau <jcristau@debian.org> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-05-24Multiple unvalidated patches in CVE-2013-1999Dave Airlie
Al Viro pointed out that Debian started segfaulting in Xine for him, Reported-by: Al Viro Signed-off-by: Dave Airlie <airlied@redhat.com>
2013-04-26Multiple unvalidated assumptions in XvMCGetDRInfo() [CVE-2013-1999]Alan Coopersmith
The individual string sizes is assumed to not be more than the amount of data read from the network, and could cause buffer overflow if they are. The strings returned from the X server are assumed to be null terminated, and could cause callers to read past the end of the buffer if they are not. Also be sure to set the returned pointers to NULL, so callers don't try accessing bad pointers on failure cases. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-04-26integer overflow in _xvmc_create_*()Alan Coopersmith
rep.length is a CARD32 and should be bounds checked before left-shifting by 2 bits to come up with the total size to allocate, though in these cases, no buffer overflow should occur here, since the XRead call is passed the same rep.length << 2 length argument, but the *priv_count returned to the caller could be interpreted or used to calculate a larger buffer size than was actually allocated, leading them to go out of bounds. Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-04-26integer overflow in XvMCListSubpictureTypes() [CVE-2013-1990 2/2]Alan Coopersmith
rep.num is a CARD32 and needs to be bounds checked before multiplying by sizeof(XvImageFormatValues) to come up with the total size to allocate, to avoid integer overflow leading to underallocation and writing data from the network past the end of the allocated buffer. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-04-26integer overflow in XvMCListSurfaceTypes() [CVE-2013-1990 1/2]Alan Coopersmith
rep.num is a CARD32 and needs to be bounds checked before multiplying by sizeof(XvMCSurfaceInfo) to come up with the total size to allocate, to avoid integer overflow leading to underallocation and writing data from the network past the end of the allocated buffer. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2013-04-13Use _XEatDataWords to avoid overflow of rep.length shiftingAlan Coopersmith
rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2011-11-10Fix gcc -Wwrite-strings warningsAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2011-09-16Strip trailing whitespaceAlan Coopersmith
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}' git diff -w & git diff -b show no diffs from this change Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2011-03-10config: use Automake defaults when checking for library functions.Gaetan Nadon
Which follows a uniform naming convention. Reviewed-by: Julien Cristau <jcristau@debian.org> Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
2011-03-07config: move wrapper in its own directoryGaetan Nadon
This prevents the use of per-target compiler flags. Makefiles are simpler. The -D flags for the wrapper are moved with pre-precessor flags. Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
2011-03-07Fix whitespace issuesGaetan Nadon
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
2010-08-13Purge cvs tags.Jesse Adkins
Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2010-07-08Purge macro NEED_REPLIESFernando Carrijo
Signed-off-by: Fernando Carrijo <fcarrijo@yahoo.com.br> Acked-by: Tiago Vignatti <tiago.vignatti@nokia.com> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
2009-10-20Include XvMClib.hJeremy Huddleston
This fixes compilation breakage after 9190399907610486001f3676945958dbab4b837a in videoproto Found by tinderbox Signed-off-by: Jeremy Huddleston <jeremyhu@freedesktop.org>
2009-10-06Migrate to xorg macros 1.3 & XORG_DEFAULT_OPTIONSAlan Coopersmith
Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
2009-02-02Janitor: make distcheck, compiler warnings, .gitignore.Paulo Cesar Pereira de Andrade
2009-02-02Add missing prototypes to XvMClibint.hPaulo Cesar Pereira de Andrade
This is done just to not generate compile warnings about functions without prototype, but at some time the comment in XvMC.c should be addressed: /****************************************************************** These are intended as a protocol interface to be used by direct rendering libraries. They are not intended to be client viewable functions. These will stay in place until we have a mechanism in place similar to that of OpenGL with an libXvMCcore library. *******************************************************************/
2006-09-27Add XvMCWrapper to lint targetAlan Coopersmith
2006-09-27Fix sparse warning: Using plain integer as NULL pointerAlan Coopersmith
2006-09-26Fix sparse warnings: Using plain integer as NULL pointerAlan Coopersmith
2006-09-26Add hooks for checking code with sparse/lint/etc.Alan Coopersmith
2006-07-13renamed: .cvsignore -> .gitignoreAlan Coopersmith
2006-06-16Define HAS_SHM if shmat() is foundAlan Coopersmith
Include <config.h> to get HAS_SHM define.
2006-04-03Bug #6479: Cygwin build fix. (Yaakov Selkowitz)XORG-7_0_99_901Adam Jackson
2006-03-22Set XVMC_CONFIGDIR to $(sysconfdir)/X11.Donnie Berkholz
2005-12-03Add check and cflags for malloc(0) returning NULL.Kevin E Martin
2005-11-26Bug #5067 <https://bugs.freedesktop.org/show_bug.cgi?id=5067> Add dotThomas Hellstrom
before revision definitions for libXvMCW (Cedric Berger)
2005-08-03Do PKG_CHECK_MODULES on a unique token instead of on "DEP", so builds withAdam Jackson
a global configure cache don't get confused.
2005-07-16Set soversion to 1.0.0 with -version-number.Daniel Stone
2005-07-12Set soversions to 1.0.0; add XvMClib.h.Daniel Stone
2005-07-09Add .cvsignore filesKeith Packard
2005-07-02Add appropriate lib*_CFLAGS to Makefile.am's -- fixes build problemsKevin E Martin
2005-06-20Add XvMC build systemSøren Sandmann Pedersen
2005-06-20Fix some includes in xc/lib/XvMCXORG-6_8_99_903XORG-6_8_99_902XORG-6_8_99_901XORG-6_8_99_900XORG-6_8_99_16XORG-6_8_99_15XORG-6_8_99_14XORG-6_8_99_13Søren Sandmann Pedersen
2004-12-04Encoding of numerous files changed to UTF-8xprint_packagertest_20041217_basesco_port_update-baseXORG-6_8_99_9XORG-6_8_99_8XORG-6_8_99_7XORG-6_8_99_6XORG-6_8_99_5XORG-6_8_99_4XORG-6_8_99_3XORG-6_8_99_2XORG-6_8_99_12XORG-6_8_99_11XORG-6_8_99_10XORG-6_8_99_1xprint_packagertest_20041217sco_port_updateMarkus Kuhn
2004-11-23Bugzilla #1883 (https://freedesktop.org/bugzilla/show_bug.cgi?id=1883): Fixxprint_packagertest_20041125_basexprint_packagertest_20041125Thomas Hellstrom
insufficient SHM detection in XvMC local test. Removed reference to getpagesize() which caused linking problems on s390. Reported by Stefan Dirsch <sndirsh@suse.de>
2004-11-13lib/XvMC/ImakeThomas Hellstrom
Added support for automatic loading of the correct hardware XvMC driver. This involves a protocol extension of the XvMC protocol. The XvMC revision number was bumped.
2004-10-20Imported via XvMC library release 0.13.0 from unichrome.sf.net. ThisThomas Hellstrom
enables hardware mpeg2 decoding for the CLE266 chip using the nonstandard VLD XvMC extension. Complete author information is available at the unichrome site. Updated the XvMC wrapper to look for version specific Xv and XvMC shared libraries.
2004-09-26Added the XvMC wrapper. First support for runtime loading of hardware-Thomas Hellstrom
specific XvMC libraries.
2004-04-23Merging XORG-CURRENT into trunkrel-0-6-1lg3d-rel-0-7-0lg3d-rel-0-6-2lg3d-baseXORG-6_8_2XORG-6_8_1_904XORG-6_8_1_903XORG-6_8_1_902XORG-6_8_1_901XORG-6_8_1XORG-6_8_0XORG-6_7_99_904XORG-6_7_99_903XORG-6_7_99_902XORG-6_7_99_901XORG-6_7_99_2XORG-6_7_99_1XACE-SELINUX-MERGElg3d-masterlg3d-eventlg3d-dev-0-7-1lg3d-dev-0-7-0lg3d-dev-0-6-latestlg3d-dev-0-6-2lg3d-dev-0-6-1-latestlg3d-dev-0-6-1-currentlg3d-dev-0-6-1-1lg3d-dev-0-6-1lg3dXORG-6_8-branchCOMPOSITEWRAPEgbert Eich
2004-03-14Importing vendor version xf86-4_4_99_1 on Sun Mar 14 00:26:39 PST 2004xf86-4_4_99_1Egbert Eich
2004-03-03Importing vendor version xf86-4_4_0 on Wed Mar 3 04:09:24 PST 2004xf86-4_4_0STSF-CURRENTEgbert Eich
2004-02-26readding XFree86's cvs IDsxf86-4_3_99_903Egbert Eich