openbsd/xenocara
1
0
Fork 0
mirror of https://github.com/openbsd/xenocara.git synced 2025-12-09 18:59:00 +00:00
Code Issues Projects Releases Wiki Activity
7,778 Commits 1 Branch 0 Tags
09e3b8478fe021badda92254a302c6bcb0a61b67
Commit Graph

502 Commits

Author SHA1 Message Date
matthieu
d016d47aa9 Xext: Fix out of bounds access in SProcScreenSaverSuspend() 
ZDI-CAN-14951, CVE-2021-4010
 2021-12-14 13:42:21 +00:00
matthieu
e66a53696b xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier() 
ZDI-CAN-14950, CVE-2021-4009
 2021-12-14 13:41:38 +00:00
matthieu
43df806507 record: Fix out of bounds access in SwapCreateRegister() 
ZDI-CAN-14952, CVE-2021-4011
 2021-12-14 13:41:00 +00:00
matthieu
bf77042029 when xf86CrtcConfigPrivateIndex==-1 XF86_CRTC_CONFIG_PTR() causes an out of 
bounds read. White-space fix and ok jsg@
 2021-12-06 19:41:55 +00:00
matthieu
7910ce0fb2 Initialize mode->name for modes generated by libxcvt. 
ok jsg@ on the upstream merge request.
 2021-12-06 19:38:32 +00:00
jsg
20ddf00a06 don't free uninitialised pointers in glamor 
Attempting to run fvwm on a x61/965gm with xserver 1.21.1 with the
modesetting driver on amd64 would cause the xserver to
reliably crash.

problem introduced upstream in
2906ee5e4 ("glamor: Fix leak in glamor_build_program()")
which was backported to the 1.21 branch.

ok matthieu@
 2021-12-03 09:34:04 +00:00
matthieu
c82bd5db57 Use the InternalEvent event structure in more places in events handlers. 
This fixes a crash when a DeviceEvent struct converted to
InteralEvent was beeing copied as InternalEvent (and thus
causing out of bounds reads) in ActivateGrabNoDelivery()
 2021-11-17 19:46:39 +00:00
matthieu
a406534d9c Update to xserver 21.1.1 2021-11-11 09:10:04 +00:00
matthieu
e086cf5adf Update to xserver 21.1.0 2021-11-11 09:03:02 +00:00
deraadt
9c065891c9 missing pathnames on unveil() error 2021-09-06 13:33:11 +00:00
matthieu
5bd77e1667 Update to xserver 1.20.13. 2021-09-03 13:19:11 +00:00
matthieu
04380bf421 GetLocalClientCreds: prefer getsockopt(,SO_PEERCRED,) to getpeereid() 
This adds the pid of the local clients to LocalLientCred.
ok espie@
 2021-08-11 05:44:01 +00:00
matthieu
cbb2480f27 Close the console fd after probing if it's a wscons, even it fails. 
This avoids keeping an open file descriptor on machines
where /dev/console is not a wsdisplay device.
 2021-06-30 08:50:48 +00:00
drahn
be6f9bdd31 Initial attempt to build xserver for riscv64 
ok matthieu@
 2021-06-15 13:57:42 +00:00
matthieu
e26c45de6d Fix XChangeFeedbackControl() request underflow. 
CVE-2021-3472 / ZDI-CAN-1259
Reported by Jan-Niklas Sohn via Trend Micro.
 2021-04-13 14:11:12 +00:00
visa
d9345257d8 compiler.h: don't define inb/outb and friends on mips 
From Julien Cristau
0148a15da1616a868d71abe1b56e3f28cc79533c in xserver git
without arm_video.c changes.

Fixes clang 11 build on mips64.

Input and OK jsg@
 2021-03-13 13:42:26 +00:00
matthieu
a3d4d20555 Avoid sequences of malloc(0) / free() by checking the length. 
b2d96b5cd459963a9587ee9c86afc9266ba3d02b in xserver git

originally from deraadt@
 2021-03-13 09:43:58 +00:00
jsg
589df0861f record: Fix undefined memcpy in RecordAClientStateChange 
From Adam Jackson
f44ac101c523a0439bd1a864850e3c1a4e154549 in xserver git

avoids a large number of malloc(0) calls
ok deraadt@ who had almost the same diff
 2021-02-26 14:10:26 +00:00
jsg
9d1e1e287e change from /dev/drm to /dev/dri/ in xenocara 
ok matthieu@ kettenis@
 2021-02-20 05:47:46 +00:00
jsg
93548c7ad2 don't fatally error if unveil(2) sets ENOENT 
This occurs when trying to unveil a /dev/dri/ node when the directory
does not exist.
 2021-02-12 12:51:53 +00:00
jsg
dc62af507f add /dev/dri/card[0-3] to allowed devices 2021-02-12 10:40:15 +00:00
jca
3af997a65d Safer workaround for the "kame hack": only override sin6_scope_id if zero 
The assumption is that if sin6_scope_id is set, then the interface index
is no longer embedded in the address.

ok claudio@ matthieu@
 2021-01-21 22:46:18 +00:00
robert
1b93d47744 try to handle running out of file descriptors by refusing client connections 
in case the X server is near the limit and only allow connections again if
there are resources freed up

this is done by checking the amount of currently used FDs + a reserve and
comparing that to the FD limit

with help from benno@, millert@, florian@

ok matthieu@, benno@
 2021-01-10 19:33:10 +00:00
matthieu
5b5b8e1a85 Add a root window property with the console device. 2021-01-10 09:14:48 +00:00
matthieu
56c8d99afe Update X server to version 1.20.10. Tested by jsg@ and naddy@ 2020-12-12 09:30:50 +00:00
matthieu
dbbfd61190 Check SetMap request length carefully. 
Avoid out of bounds memory accesses on too short requests.

ZDI-CAN 11572 /  CVE-2020-14360
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
 2020-12-01 15:25:39 +00:00
matthieu
dd9addae94 Fix XkbSetDeviceInfo() and SetDeviceIndicators() heap overflows 
ZDI-CAN 11389 / CVE-2020-25712
Fix from Jan-Niklas Sohn working with Trend Micro.
 2020-12-01 15:21:28 +00:00
jsg
851807c713 build with --disable-dri3 when XENOCARA_BUILD_DRI is "no" 
fixes build breakage on alpha reported by deraadt@
 2020-08-28 02:20:19 +00:00
matthieu
bc29ab7850 Fix integer underflow in XRecordRegisterClients() 
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.
 2020-08-25 15:43:26 +00:00
matthieu
83d462e24d Fix integer underflow in XkbSelectEvents() 
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.
 2020-08-25 15:42:52 +00:00
matthieu
77c86a2898 Fix an integer underflow in XIChangeHierarchy() 
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.
 2020-08-25 15:41:59 +00:00
matthieu
02b8f73518 Correct bounds checking in XkbSetNames() 
Reported by Jan-Niklas Sohn working with Trend Micro Zero Day Initiative.
 2020-08-25 15:40:59 +00:00
matthieu
0a2f4bc72f fix for X Server Pixel Data Uninitialized Memory Information Disclosure 
CVE-2020-14347

This vulnerability was discovered and reported to X.Org by Jan-Niklas
Sohn working with Trend Micro Zero Day Initiative.
 2020-07-31 14:00:21 +00:00
matthieu
60964e1bb6 sync white space with upstream. No code change. 2020-06-14 16:02:38 +00:00
jcs
6b6f912425 revert local change which removed -retro flag and adjust -br to 
properly override our default behavior of stippled root.

no objection from deraadt and kettenis
 2020-06-12 14:45:55 +00:00
matthieu
ad9a065c46 Release unused filedescriptors in the privileged X server process. 
There is no reason to keep /dev/pci* and /dev/ttyC* open in this process.
pointed to  by deraadt. ok kettenis@ deraadt@
 2020-04-20 18:17:25 +00:00
matthieu
806accb3da Remove unused files. 2020-04-18 09:41:18 +00:00
matthieu
ac0e12b4da dix: do not send focus event when grab actually does not change 
upstream commit 364d64981549544213e2bca8de6ff8a5b2b5a69e

Fixes an issue in xserver 1.20 where some applications were loosing
focus. Naddy@ reported it appeards in SDL 1.2 games (burgerspace).

tested and ok naddy@
 2020-04-14 17:29:21 +00:00
matthieu
9064f8eee5 Update to xserver 1.20.8. ok jsg@ robert@ 2020-04-13 08:06:58 +00:00
kettenis
fb24e5a8dd Use modesetting driver as the default for rkdrm(4). 
ok patrick@, jsg@
 2020-03-04 21:07:12 +00:00
matthieu
40d42722f6 Update to xserver 1.20.7 plus 2 extra fixes from upstream. ok jsg@ 2020-01-26 13:48:54 +00:00
matthieu
9a532c5475 Update to X server 1.20.6. Tested by naddy@ 2019-12-12 06:05:17 +00:00
kettenis
35220e47ea Add modesetting driver as a fall-back when appropriate such that we can 
use it when running withour root privileges which prevents us from
scanning the PCI bus.

This makes startx(1)/xinit(1) work again on modern systems with inteldrm(4),
radeondrm(4) and amdgpu(4).  In some cases this will result in using a
different driver than with xenodm(4) which may expose issues (e.g. when
we prefer the intel Xorg driver) or loss of acceleration (e.g. older
cards supported by radeondrm(4)).

ok jsg@, matthieu@
 2019-09-15 12:31:08 +00:00
jsg
5e7792301a sync i965 pci ids with xserver git master 
ok matthieu@
 2019-08-24 01:20:16 +00:00
jsg
38e2fafc5f remove duplicate ids added by patch in xserver 1.20.5 update 
ok matthieu@
 2019-08-24 01:15:31 +00:00
matthieu
1e4dc55ae1 Don't prune duplicate modes there. 
This function removes too many modes, causing trouble with the vesa
driver at least.  Problem reported by semarie@. Thanks.
 2019-08-15 14:48:45 +00:00
matthieu
d719f7f316 Remove one more file that is no longer part of upstream tarballs. 
Missed in previous commit.
 2019-08-03 17:19:54 +00:00
matthieu
95df71afbd Remove files that are no longer part of upstream tarballs. 
They accumulated over releases for various reasons.
No build change.
 2019-08-03 16:56:01 +00:00
matthieu
a77e9959f3 Update to xserver 1.20.5. Tested by jsg@ 2019-07-27 07:57:06 +00:00
jcs
fa30b33449 when probing for wsmouse devices, check up to wsmouse9 
ok deraadt
 2019-06-11 14:51:34 +00:00