GitLab

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Mihail Konev authored Jan 26, 2017 and Peter Hutterer committed Jan 26, 2017

Signed-off-by: Mihail Konev <k.mvc@ya.ru>

Emil Velikov authored Mar 09, 2015 and Peter Hutterer committed Jan 26, 2017

Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
fall-outs, when they contain space.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

Syncs the invocation of configure with the one from the server.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Emil Velikov <emil.velikov@collabora.com>

Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>

Tobias Stoeckmann authored Sep 25, 2016 and Matthieu Herrb committed Sep 25, 2016

Individual lengths inside received server data can overflow
the previously reserved memory.

It is therefore important to validate every single length
field to not overflow the previously agreed sum of all invidual
length fields.

v2: consume remaining bytes in the reply buffer on error.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb@laas.fr

Tobias Stoeckmann authored Sep 25, 2016 and Matthieu Herrb committed Sep 25, 2016

The memory for filter names is reserved right after receiving the reply.
After that, filters are iterated and each individual filter name is
stored in that reserved memory.

The individual name lengths are not checked for validity, which means
that a malicious server can reserve less memory than it will write to
during each iteration.

v2: consume remaining bytes in reply buffer on error.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>

Lauri Kasanen authored May 18, 2015 and Adam Jackson committed May 21, 2015

Before this patch, it wasn't mentioned in this file at all, which
is a monumental oversight.
Signed-off-by: Lauri Kasanen <cand@gmx.com>

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Clemens Eisserer authored Nov 23, 2013 and Keith Packard committed Nov 23, 2013

Request length calculation inside XRenderCompositeText32 is broken for
the case where the number of glyphs fits exactky inside the last
xGlyphElt.

In XRenderCompositeText8 and XRenderCompositeText16 this case is
handled properly, somehow the "-1" got missing in
XRenderCompositeText32.
Reviewed-by: Keith Packard <keithp@keithp.com>

Michael Joost authored Nov 18, 2013 and Alan Coopersmith committed Nov 22, 2013

_XEatDataWords was orignally introduced with the May 2013 security
patches, and in order to ease the process of delivering those,
fallback versions of _XEatDataWords were included in the X extension
library patches so they could be applied to older versions that didn't
have libX11 1.6 yet.   Now that we're past that hurdle, we can drop
the fallbacks and just require libX11 1.6 for building new versions
of the extension libraries.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

The length and numIndexValues members of the reply are both CARD32 and
need to be bounds checked before multiplying by sizeof (XIndexValue) to
avoid integer overflow leading to underallocation and writing data from
the network past the end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

The length, numFormats, numScreens, numDepths, and numVisuals members of
the reply are all CARD32 and need to be bounds checked before multiplying
and adding them together to come up with the total size to allocate, to
avoid integer overflow leading to underallocation and writing data from
the network past the end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

The length, numFilters & numAliases members of the reply are all CARD32
and need to be bounds checked before multiplying & adding them together
to come up with the total size to allocate, to avoid integer overflow
leading to underallocation and writing data from the network past the
end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Colin Walters authored Jan 04, 2012 and Adam Jackson committed Jan 15, 2013

http://people.gnome.org/~walters/docs/build-api.txt

Signed-off-by: Adam Jackson <ajax@redhat.com>

Signed-off-by: Adam Jackson <ajax@redhat.com>

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Emanuele Giaquinta authored Jan 02, 2012 and Jeremy Huddleston Sequoia committed Feb 28, 2012

Due to C arithmetic conversion rules we must use an unsigned constant (or a
cast) to perform the multiplication using unsigned arithmetic.
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>

Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
git diff -w & git diff -b show no diffs from this change
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Clears Sun compiler warning:
"Xrender.c", line 127: warning: integer overflow detected: op "<<"
since 1 << 31 overflows a signed 32-bit int.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Group statements per section as per Autoconf standard layout
Quote statements where appropriate.
Autoconf recommends not using dnl instead of # for comments

Use AC_CONFIG_FILES to replace the deprecated AC_OUTPUT with parameters.
Add AC_CONFIG_SRCDIR([Makefile.am])
Remove redundant AC_SUBST(*_CFLAGS) and/or *_LIBS
Update minimum version of util-macros to at least 1.8.
No functional configuration changes

This helps automated maintenance and release activities.
Details can be found in http://wiki.x.org/wiki/NewModuleGuidelines

Signed-off-by: Gaetan Nadon <memsize@videotron.ca>

XORG_STRICT_OPTION from XORG_DEFAULT_OPTIONS calls
AC_PROG_C_C99. This sets gcc with -std=gnu99.
If AC_PROG_CC macro is called afterwards, it resets CC to gcc.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>

Signed-off-by: Aaron Plattner <aplattner@nvidia.com>

Fernando Carrijo authored Jul 01, 2010 and Alan Coopersmith committed Jul 08, 2010

Signed-off-by: Fernando Carrijo <fcarrijo@yahoo.com.br>
Acked-by: Tiago Vignatti <tiago.vignatti@nokia.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Automake always includes it in the tarball.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>

Refer to: Composite.c
Copyright © 2000 SuSE, Inc.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>

Signed-off-by: Rémi Cardona <remi@gentoo.org>
Reviewed-by: Gaetan Nadon <memsize@videotron.ca>
Reviewed-by: Alan Coopersmith <alan.coopersmith@sun.com>
Reviewed-by: Dan Nicholson <dbn.lists@gmail.com>

Now that the INSTALL file is generated.
Allows running make maintainer-clean.

Add missing INSTALL file. Use standard GNU file on building tarball
README may have been updated
Remove AUTHORS file as it is empty and no content available yet.
Remove NEWS file as it is empty and no content available yet.

This macro aggregate a number of existing macros that sets commmon
X.Org components configuration options. It shields the configuration file from
future changes.

ChangeLog filename is known to Automake and requires no further
coding in the makefile.

Using common defaults will reduce errors and maintenance.
Only the very small or inexistent custom section need periodic maintenance
when the structure of the component changes. Do not edit defaults.

Tomáš Chvátal authored Nov 29, 2009 and Julien Cristau committed Nov 29, 2009

Signed-off-by: Tomáš Chvátal <scarabeus@gentoo.org>
Signed-off-by: Julien Cristau <jcristau@debian.org>

On Wed, 2009-10-21 at 13:36 +1000, Peter Hutterer wrote:
> On Tue, Oct 20, 2009 at 08:23:55PM -0700, Jeremy Huddleston wrote:
> > I noticed an INSTALL file in xlsclients and libXvMC today, and it
> > was quite annoying to work around since 'autoreconf -fvi' replaces
> > it and git wants to commit it.  Should these files even be in git?
> > Can I nuke them for the betterment of humanity and since they get
> > created by autoreconf anyways?
>
> See https://bugs.freedesktop.org/show_bug.cgi?id=24206



As an interim measure, replace AM_INIT_AUTOMAKE([dist-bzip2]) with
AM_INIT_AUTOMAKE([foreign dist-bzip2]). This will prevent the generation
of the INSTALL file. It is also part of the 24206 solution.
Signed-off-by: Jeremy Huddleston <jeremyhu@freedesktop.org>