Skip to content
Snippets Groups Projects
  1. Dec 17, 2024
  2. Dec 02, 2024
  3. Oct 31, 2024
    • Alan Coopersmith's avatar
      dix-config.h: add HAVE_SOCKLEN_T definition · 1a836cd4
      Alan Coopersmith authored
      
      Needed to build with IPv6 disabled using gcc 14 on some platforms to avoid:
      
      In file included from /usr/X11/include/X11/Xtrans/transport.c:67,
                       from xstrans.c:17:
      /usr/X11/include/X11/Xtrans/Xtranssock.c: In function ‘_XSERVTransSocketOpen’:
      /usr/X11/include/X11/Xtrans/Xtranssock.c:467:28: error: passing argument 5
       of ‘getsockopt’ from incompatible pointer type [-Wincompatible-pointer-types]
        467 |             (char *) &val, &len) == 0 && val < 64 * 1024)
            |                            ^~~~
            |                            |
            |                            size_t * {aka long unsigned int *}
      
      (Backport to xserver-21.1-branch of commit a1b5aa5a.
       Backport adds autoconf equivalent to meson change from master branch.)
      
      Signed-off-by: default avatarAlan Coopersmith <alan.coopersmith@oracle.com>
      Part-of: <!1737>
      1a836cd4
  4. Oct 30, 2024
  5. Oct 29, 2024
  6. Oct 22, 2024
  7. Oct 12, 2024
  8. Oct 11, 2024
  9. Oct 10, 2024
  10. Sep 01, 2024
  11. Aug 23, 2024
  12. Jul 23, 2024
  13. May 12, 2024
    • José Expósito's avatar
      ephyr: Fix incompatible pointer type build error · 8407181c
      José Expósito authored and Gabi Falk's avatar Gabi Falk committed
      Fix a compilation error on 32 bits architectures with gcc 14:
      
        ephyr_glamor_xv.c: In function ‘ephyr_glamor_xv_init’:
        ephyr_glamor_xv.c:154:31: error: assignment to ‘SetPortAttributeFuncPtr’ {aka ‘int (*)(struct _KdScreenInfo *, long unsigned int,  int,  void *)’} from incompatible pointer type ‘int (*)(KdScreenInfo *, Atom,  INT32,  void *)’ {aka ‘int (*)(struct _KdScreenInfo *, long unsigned int,  long int,  void *)’} [-Wincompatible-pointer-types]
          154 |     adaptor->SetPortAttribute = ephyr_glamor_xv_set_port_attribute;
              |                               ^
        ephyr_glamor_xv.c:155:31: error: assignment to ‘GetPortAttributeFuncPtr’ {aka ‘int (*)(struct _KdScreenInfo *, long unsigned int,  int *, void *)’} from incompatible pointer type ‘int (*)(KdScreenInfo *, Atom,  INT32 *, void *)’ {aka ‘int (*)(struct _KdScreenInfo *, long unsigned int,  long int *, void *)’} [-Wincompatible-pointer-types]
          155 |     adaptor->GetPortAttribute = ephyr_glamor_xv_get_port_attribute;
              |                               ^
      
      Build error logs:
      https://koji.fedoraproject.org/koji/taskinfo?taskID=111964273
      
      
      
      Signed-off-by: default avatarJosé Expósito <jexposit@redhat.com>
      (cherry picked from commit e89edec4)
      
      Part-of: <!1532>
      8407181c
  14. Apr 12, 2024
  15. Apr 09, 2024
    • Olivier Fourdan's avatar
      render: Avoid possible double-free in ProcRenderAddGlyphs() · b4ea6f9e
      Olivier Fourdan authored
      ProcRenderAddGlyphs() adds the glyph to the glyphset using AddGlyph() and
      then frees it using FreeGlyph() to decrease the reference count, after
      AddGlyph() has increased it.
      
      AddGlyph() however may chose to reuse an existing glyph if it's already
      in the glyphSet, and free the glyph that was given, in which case the
      caller function, ProcRenderAddGlyphs() will call FreeGlyph() on an
      already freed glyph, as reported by ASan:
      
        READ of size 4 thread T0
          #0 in FreeGlyph xserver/render/glyph.c:252
          #1 in ProcRenderAddGlyphs xserver/render/render.c:1174
          #2 in Dispatch xserver/dix/dispatch.c:546
          #3 in dix_main xserver/dix/main.c:271
          #4 in main xserver/dix/stubmain.c:34
          #5 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
          #6 in __libc_start_main_impl ../csu/libc-start.c:360
          #7  (/usr/bin/Xwayland+0x44fe4)
        Address is located 0 bytes inside of 64-byte region
        freed by thread T0 here:
          #0 in __interceptor_free libsanitizer/asan/asan_malloc_linux.cpp:52
          #1 in _dixFreeObjectWithPrivates xserver/dix/privates.c:538
          #2 in AddGlyph xserver/render/glyph.c:295
          #3 in ProcRenderAddGlyphs xserver/render/render.c:1173
          #4 in Dispatch xserver/dix/dispatch.c:546
          #5 in dix_main xserver/dix/main.c:271
          #6 in main xserver/dix/stubmain.c:34
          #7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
        previously allocated by thread T0 here:
          #0 in __interceptor_malloc libsanitizer/asan/asan_malloc_linux.cpp:69
          #1 in AllocateGlyph xserver/render/glyph.c:355
          #2 in ProcRenderAddGlyphs xserver/render/render.c:1085
          #3 in Dispatch xserver/dix/dispatch.c:546
          #4 in dix_main xserver/dix/main.c:271
          #5 in main xserver/dix/stubmain.c:34
          #6 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
        SUMMARY: AddressSanitizer: heap-use-after-free xserver/render/glyph.c:252 in FreeGlyph
      
      To avoid that, make sure not to free the given glyph in AddGlyph().
      
      v2: Simplify the test using the boolean returned from AddGlyph() (Michel)
      v3: Simplify even more by not freeing the glyph in AddGlyph() (Peter)
      
      Fixes: bdca6c3d - render: fix refcounting of glyphs during ProcRenderAddGlyphs
      Closes: #1659
      
      
      Signed-off-by: default avatarOlivier Fourdan <ofourdan@redhat.com>
      Part-of: <!1476>
      (cherry picked from commit 337d8d48)
      b4ea6f9e
  16. Apr 05, 2024
    • Willem Jan Palenstijn's avatar
      mi: fix rounding issues around zero in miPointerSetPosition · f54647df
      Willem Jan Palenstijn authored and Peter Hutterer's avatar Peter Hutterer committed
      Fixes: #577
      
      
      
      This patch replaces the instances of trunc in miPointerSetPosition by
      floor, thereby removing the incorrect behaviour with subpixel pointer
      locations between -1 and 0.
      
      This is the relevant code fragment:
      
          /* In the event we actually change screen or we get confined, we just
           * drop the float component on the floor
           * FIXME: only drop remainder for ConstrainCursorHarder, not for screen
           * crossings */
          if (x != trunc(*screenx))
              *screenx = x;
          if (y != trunc(*screeny))
              *screeny = y;
      
      The behaviour of this code does not match its comment for subpixel
      coordinates between -1 and 0. For example, if *screenx is -0.5, the
      preceding code would (correctly) clamp x to 0, but this would not be
      detected by this condition, since 0 == trunc(-0.5), leaving *screenx
      at -0.5, out of bounds.
      
      This causes undesirable behaviour in GTK3 code using xi2, where negative
      subpixel coordinates like this would (to all appearances randomly)
      remove the focus from windows aligned with the zero boundary when the
      mouse hits the left or top screen boundaries.
      
      The other occurences of trunc in miPointerSetPosition have a more subtle
      effect which would prevent proper clamping if there is a pointer limit
      at a negative integer rather than at 0. This patch changes these to
      floor for consistency.
      
      Signed-off-by: default avatarWillem Jan Palenstijn <wjp@usecode.org>
      Part-of: <!1451>
      (cherry picked from commit 0ee4ed28)
      f54647df
  17. Apr 03, 2024
  18. Mar 27, 2024
  19. Mar 23, 2024
    • Peter Hutterer's avatar
      Allow disabling byte-swapped clients · 5d7272f0
      Peter Hutterer authored and Alan Coopersmith's avatar Alan Coopersmith committed
      
      The X server swapping code is a huge attack surface, much of this code
      is untested and prone to security issues. The use-case of byte-swapped
      clients is very niche, so allow users to disable this if they don't
      need it, using either a config option or commandline flag.
      
      For Xorg, this adds the ServerFlag "AllowByteSwappedClients" "off".
      For all DDX, this adds the commandline options +byteswappedclients and
      -byteswappedclients to enable or disable, respectively.
      
      Fixes #1201
      Signed-off-by: default avatarPeter Hutterer <peter.hutterer@who-t.net>
      ---
      (cherry picked from commit 41277766)
      (cherry picked from commit af5cd5ac)
      Backport to server-21.1-branch modified to keep byte-swapping enabled
      by default but easy to disable by users or admins (or even by distros
      shipping an xorg.conf.d fragment in their packages).
      
      Signed-off-by: default avatarAlan Coopersmith <alan.coopersmith@oracle.com>
      Part-of: <!1440>
      5d7272f0
Loading