1. 14 Dec, 2021 1 commit
  2. 30 Oct, 2019 1 commit
    • Adam Jackson's avatar
      dix: Call SourceValidate before GetImage · 516e75db
      Adam Jackson authored and Adam Jackson's avatar Adam Jackson committed
      This ensures that any prep work for the drawable we're about to read
      from is already done before we call down to GetImage. This should be no
      functional change as most of the callers with a non-trivial
      SourceValidate are already wrapping GetImage and doing the equivalent
      thing, but we'll be simplifying that shortly.
      
      More importantly this ensures that if any of that prep work would
      generate events - like automatic compositing flushing rendering to a
      parent pixmap which then triggers damage - then it happens entirely
      before we start writing the GetImage reply header.
      
      Note that we do not do the same for GetSpans, but that's okay. The only
      way to get to GetSpans is through miCopyArea or miCopyPlane - where the
      callers must already call SourceValidate - or miGetImage - which this
      commit now protects with SourceValidate.
      
      Fixes: #902
      
      
      Reviewed-by: Michel Dänzer's avatarMichel Dänzer <mdaenzer@redhat.com>
      516e75db
  3. 10 Oct, 2017 1 commit
  4. 13 Mar, 2017 1 commit
    • Tobias Stoeckmann's avatar
      render: Fix out of boundary heap access · ac15d4ce
      Tobias Stoeckmann authored and Adam Jackson's avatar Adam Jackson committed
      
      
      ProcRenderCreateRadialGradient and ProcRenderCreateConicalGradient must
      be protected against an integer overflow during length check. This is
      already included in ProcRenderCreateLinearGradient since the fix for
      CVE-2008-2362.
      
      This can only be successfully exploited on a 32 bit system for an
      out of boundary read later on. Validated by using ASAN.
      
      Reviewed-by: Adam Jackson's avatarAdam Jackson <ajax@redhat.com>
      ac15d4ce
  5. 01 Mar, 2017 1 commit
  6. 11 May, 2016 1 commit
  7. 21 Sep, 2015 1 commit
  8. 21 Apr, 2015 1 commit
  9. 09 Dec, 2014 2 commits
  10. 12 Nov, 2014 1 commit
  11. 22 Apr, 2014 1 commit
    • Adam Jackson's avatar
      xfixes: Forbid manipulating clip for source-only pictures (#28968) · ba2432a0
      Adam Jackson authored and Keith Packard's avatar Keith Packard committed
      
      
      Just throw BadPicture instead of crashing.  It's not currently a
      meaningful thing to do anyway, RenderSetPictureRectangles would error if
      you tried (which this patch changes to BadPicture as well for
      consistency).  The problem with trying to do it is if the clip is
      specified as a pixmap then we try to convert it to a region, and
      ->BitmapToRegion requires a ScreenPtr, and source-only pictures don't
      have one.
      
      I can imagine a use for client clip on source-only pictures, so if we
      really wanted to allow this, probably the way forward is to always store
      the clip as a region internally, and when setting the clip _from_ a
      pixmap, look up BitmapToRegion relative to the pixmap not the picture.
      But since clearly nobody can be relying on it working...
      
      Signed-off-by: Adam Jackson's avatarAdam Jackson <ajax@redhat.com>
      Reviewed-by: default avatarHans de Goede <hdegoede@redhat.com>
      Reviewed-by: Keith Packard's avatarKeith Packard <keithp@keithp.com>
      Signed-off-by: Keith Packard's avatarKeith Packard <keithp@keithp.com>
      ba2432a0
  12. 12 Jan, 2014 1 commit
  13. 10 Jul, 2012 4 commits
  14. 21 May, 2012 1 commit
  15. 21 Mar, 2012 2 commits
    • Daniel Stone's avatar
      Indentation: Change '& stuff' to '&stuff' · ab3a815a
      Daniel Stone authored and Keith Packard's avatar Keith Packard committed
      
      
      If the typedef wasn't perfect, indent would get confused and change:
          foo = (SomePointlessTypedef *) &stuff[1];
      to:
          foo = (SomePointlessTypedef *) & stuff[1];
      
      Fix this up with a really naïve sed script, plus some hand-editing to
      change some false positives in XKB back.
      
      Signed-off-by: Daniel Stone's avatarDaniel Stone <daniel@fooishbar.org>
      ab3a815a
    • Keith Packard's avatar
      Introduce a consistent coding style · 9838b703
      Keith Packard authored
      
      
      This is strictly the application of the script 'x-indent-all.sh'
      from util/modular. Compared to the patch that Daniel posted in
      January, I've added a few indent flags:
      
      	-bap
      	-psl
      	-T PrivatePtr
      	-T pmWait
      	-T _XFUNCPROTOBEGIN
      	-T _XFUNCPROTOEND
      	-T _X_EXPORT
      
      The typedefs were needed to make the output of sdksyms.sh match the
      previous output, otherwise, the code is formatted badly enough that
      sdksyms.sh generates incorrect output.
      
      The generated code was compared with the previous version and found to
      be essentially identical -- "assert" line numbers and BUILD_TIME were
      the only differences found.
      
      The comparison was done with this script:
      
      dir1=$1
      dir2=$2
      
      for dir in $dir1 $dir2; do
      	(cd $dir && find . -name '*.o' | while read file; do
      		dir=`dirname $file`
      		base=`basename $file .o`
      		dump=$dir/$base.dump
      		objdump -d $file > $dump
      	done)
      done
      
      find $dir1 -name '*.dump' | while read dump; do
      	otherdump=`echo $dump | sed "s;$dir1;$dir2;"`
      	diff -u $dump $otherdump
      done
      
      Signed-off-by: Keith Packard's avatarKeith Packard <keithp@keithp.com>
      Acked-by: Daniel Stone's avatarDaniel Stone <daniel@fooishbar.org>
      Acked-by: Alan Coopersmith's avatarAlan Coopersmith <alan.coopersmith@oracle.com>
      9838b703
  16. 23 Nov, 2011 1 commit
  17. 23 Sep, 2011 1 commit
  18. 21 Sep, 2011 2 commits
  19. 07 Apr, 2011 1 commit
  20. 04 Apr, 2011 1 commit
  21. 10 Mar, 2011 1 commit
  22. 08 Mar, 2011 1 commit
  23. 27 Dec, 2010 1 commit
  24. 07 Dec, 2010 1 commit
  25. 02 Dec, 2010 1 commit
  26. 20 Aug, 2010 1 commit
  27. 10 Jun, 2010 1 commit
  28. 06 Jun, 2010 1 commit
  29. 03 Jun, 2010 3 commits
  30. 19 May, 2010 2 commits
  31. 16 May, 2010 1 commit