- 22 Oct, 2022 1 commit
-
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 11 Sep, 2022 5 commits
-
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
Oliver Hattshire authored
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
- 10 Sep, 2022 1 commit
-
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
- 09 Sep, 2022 3 commits
-
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
Thomas E. Dickey authored
Signed-off-by:
Thomas E. Dickey <dickey@invisible-island.net>
-
- 07 Sep, 2022 4 commits
-
-
Alan Coopersmith authored
Xrender.c: In function ‘XRenderQueryFormats’: Xrender.c:406:19: warning: declaration of ‘xDepth’ shadows a global declaration [-Wshadow] xPictDepth *xDepth; ^~~~~~ In file included from /net/also.us.oracle.com/export/alanc/X.Org/amd64-gcc/install/usr/X11R7/include/X11/Xlibint.h:43:0, from Xrenderint.h:31, from Xrender.c:28: /net/also.us.oracle.com/export/alanc/X.Org/amd64-gcc/install/usr/X11R7/include/X11/Xproto.h:329:7: note: shadowed declaration is here } xDepth; ^~~~~~ Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
Alan Coopersmith authored
These are not needed in C89 and later Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 18 Jul, 2022 4 commits
-
-
Rationale: I don't have enough expertise to judge on how the tessellation algorithm is broken in XRenderComputeTrapezoids but I do trust Keith Packard that it is. However using cairo for proper tessellation, as he suggests, is too heavyweight, and here I propose to alter the code to at least do not cause coredumps. Even if/when the function will be marked as obsolete, I believe it is pretty much capable of rendering relatively simple shapes, and still retains some value.
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
Alan Coopersmith authored
Found by using: codespell --builtin clear,rare,usage,informal,code,names Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 07 Jan, 2022 1 commit
-
-
Robin Lindén authored
Signed-off-by:
Robin Linden <dev@robinlinden.eu>
-
- 08 Dec, 2018 1 commit
-
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 20 Nov, 2018 1 commit
-
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 26 Jan, 2017 3 commits
-
-
Signed-off-by:
Mihail Konev <k.mvc@ya.ru>
-
Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent fall-outs, when they contain space. Signed-off-by:
Emil Velikov <emil.l.velikov@gmail.com> Reviewed-by:
Peter Hutterer <peter.hutterer@who-t.net> Signed-off-by:
Peter Hutterer <peter.hutterer@who-t.net>
-
Peter Hutterer authored
Syncs the invocation of configure with the one from the server. Signed-off-by:
Peter Hutterer <peter.hutterer@who-t.net> Reviewed-by:
Emil Velikov <emil.velikov@collabora.com>
-
- 04 Oct, 2016 1 commit
-
-
Matthieu Herrb authored
Signed-off-by:
Matthieu Herrb <matthieu.herrb@laas.fr>
-
- 25 Sep, 2016 2 commits
-
-
Individual lengths inside received server data can overflow the previously reserved memory. It is therefore important to validate every single length field to not overflow the previously agreed sum of all invidual length fields. v2: consume remaining bytes in the reply buffer on error. Signed-off-by:
Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by:
Matthieu <Herrb@laas.fr>
-
The memory for filter names is reserved right after receiving the reply. After that, filters are iterated and each individual filter name is stored in that reserved memory. The individual name lengths are not checked for validity, which means that a malicious server can reserve less memory than it will write to during each iteration. v2: consume remaining bytes in reply buffer on error. Signed-off-by:
Tobias Stoeckmann <tobias@stoeckmann.org> Reviewed-by:
Matthieu Herrb <matthieu@herrb.eu>
-
- 21 May, 2015 1 commit
-
-
Before this patch, it wasn't mentioned in this file at all, which is a monumental oversight. Signed-off-by:
Lauri Kasanen <cand@gmx.com>
-
- 01 May, 2015 1 commit
-
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 24 Nov, 2013 1 commit
-
-
Request length calculation inside XRenderCompositeText32 is broken for the case where the number of glyphs fits exactky inside the last xGlyphElt. In XRenderCompositeText8 and XRenderCompositeText16 this case is handled properly, somehow the "-1" got missing in XRenderCompositeText32. Reviewed-by:
Keith Packard <keithp@keithp.com>
-
- 23 Nov, 2013 1 commit
-
-
_XEatDataWords was orignally introduced with the May 2013 security patches, and in order to ease the process of delivering those, fallback versions of _XEatDataWords were included in the X extension library patches so they could be applied to older versions that didn't have libX11 1.6 yet. Now that we're past that hurdle, we can drop the fallbacks and just require libX11 1.6 for building new versions of the extension libraries. Reviewed-by:
Alan Coopersmith <alan.coopersmith@oracle.com> Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 14 Jun, 2013 1 commit
-
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 05 May, 2013 2 commits
-
-
Alan Coopersmith authored
The length and numIndexValues members of the reply are both CARD32 and need to be bounds checked before multiplying by sizeof (XIndexValue) to avoid integer overflow leading to underallocation and writing data from the network past the end of the allocated buffer. Reported-by:
Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
Alan Coopersmith authored
The length, numFormats, numScreens, numDepths, and numVisuals members of the reply are all CARD32 and need to be bounds checked before multiplying and adding them together to come up with the total size to allocate, to avoid integer overflow leading to underallocation and writing data from the network past the end of the allocated buffer. Reported-by:
Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 04 May, 2013 2 commits
-
-
Alan Coopersmith authored
The length, numFilters & numAliases members of the reply are all CARD32 and need to be bounds checked before multiplying & adding them together to come up with the total size to allocate, to avoid integer overflow leading to underallocation and writing data from the network past the end of the allocated buffer. Reported-by:
Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
Alan Coopersmith authored
rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 15 Jan, 2013 2 commits
-
-
Adam Jackson authored
Signed-off-by:
Adam Jackson <ajax@redhat.com>
- 08 Mar, 2012 1 commit
-
-
Alan Coopersmith authored
Signed-off-by:
Alan Coopersmith <alan.coopersmith@oracle.com>
-
- 28 Feb, 2012 1 commit
-
-
Due to C arithmetic conversion rules we must use an unsigned constant (or a cast) to perform the multiplication using unsigned arithmetic. Reviewed-by:
Jeremy Huddleston <jeremyhu@apple.com>
-