openbsd/xenocara
1
0
Fork 0
mirror of https://github.com/openbsd/xenocara.git synced 2025-12-12 12:19:10 +00:00
Code Issues Projects Releases Wiki Activity
7,522 Commits 1 Branch 0 Tags
a9b0c2567c09006935d5d077a269758c0620c98e
Commit Graph

54 Commits

Author SHA1 Message Date
aoyama
dd4313439f Add pad_to_double() when the function allocates memories for 'double' 
internally.

The functions wireToRawEvent() and copyRawEvent() get memories first,
then allocate memory blocks sequentially for several objects include
'double' from there.

On m88k, the memory area for 'double' should be 8-byte aligned, but
sizeof(XIRawEvent) is 60 and sizeof(out->valuators.mask_len) is 8.
In this case, allocated 'double' memory was not 8-byte aligned.

Because of this, 'xeyes' on luna88k was aborted with Bus Error right
after moving mouse for several years with sys/arch/m88k/m88k/trap.c
r.127.

Tested by me on luna88k, ok matthieu@
 2023-08-02 13:57:24 +00:00
matthieu
668895bbfa Update to libXi 1.8.1 2023-07-03 08:26:45 +00:00
matthieu
2c9e9392d1 Update to libXi 1.8 2021-11-11 08:58:33 +00:00
matthieu
10e0196fe9 Update to libXi 1.7.10. Tested by krw@ and naddy@ 2020-01-04 17:56:26 +00:00
matthieu
5b71eebdaa Update to libXi 1.7.9 2017-02-19 17:41:29 +00:00
matthieu
0e759a72d7 Update to libXi 1.7.8 2016-11-03 09:28:22 +00:00
matthieu
fd18c20e72 regen 2016-10-11 22:14:30 +00:00
matthieu
342b1570d2 Properly validate server responses 
By validating length fields from server responses, out of boundary
accesses and endless loops can be mitigated.

From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
 2016-10-04 15:01:03 +00:00
matthieu
0d928c6a2e Update to libXi 1.7.6 2016-08-06 09:56:28 +00:00
matthieu
eb9a486a3e No NEWS is good NEWS - remove a bunch of files not present upstreams anymore 2015-05-10 09:51:55 +00:00
matthieu
6d1b4b2eb2 Update to libXi 1.7.4 2014-09-28 17:22:58 +00:00
matthieu
3be5e5d5ea Update to libXi 1.7.2. 
Tested by ajacoutot@ against gnome.
 2014-05-09 19:55:33 +00:00
matthieu
61e2983c70 Fix a number of merge issues accumulated over the years 
- INSTALL often got doubled by patch
- empty AUTHORS files didn't get removed.
 2013-08-18 06:20:12 +00:00
guenther
b5bb12998e Bump the major on every single base library. There are a couple 
not bumped by this that will be corrected soon.

heavy lifting by todd@
 2013-08-13 07:07:07 +00:00
matthieu
531725f77c fix merge issues. 2013-05-31 18:38:23 +00:00
matthieu
cae6bdaef9 Update to libXi 1.6.3rc1 2013-05-31 15:15:07 +00:00
matthieu
52f6d0ba20 Merge upstream fixes for several X libs vulnerabilities 
discovered by Ilja van Sprundel.

CVE-2013-1981 X.org libX11 1.5.99.901 (1.6 RC1) integer overflows
CVE-2013-1982 X.org libXext 1.3.1 integer overflows
CVE-2013-1983 X.org libXfixes 5.0 integer overflows
CVE-2013-1984 X.org libXi 1.7.1 integer overflows
CVE-2013-1985 X.org libXinerama 1.1.2 integer overflows
CVE-2013-1986 X.org libXrandr 1.4.0 integer overflows
CVE-2013-1987 X.org libXrender 0.9.7 integer overflows
CVE-2013-1988 X.org libXRes 1.0.6 integer overflows
CVE-2013-1989 X.org libXv 1.0.7 integer overflows
CVE-2013-1990 X.org libXvMC 1.0.7 integer overflows
CVE-2013-1991 X.org libXxf86dga 1.1.3 integer overflows
CVE-2013-1992 X.org libdmx 1.1.2 integer overflows
CVE-2013-1994 X.org libchromeXvMC & libchromeXvMCPro in openChrome
0.3.2 integer overflows
CVE-2013-1995 X.org libXi 1.7.1 sign extension issues
CVE-2013-1996 X.org libFS 1.0.4 sign extension issues
CVE-2013-1997 X.org libX11 1.5.99.901 (1.6 RC1) buffer overflows
CVE-2013-1998 X.org libXi 1.7.1 buffer overflows
CVE-2013-1999 X.org libXvMC 1.0.7 buffer overflows
CVE-2013-2000 X.org libXxf86dga 1.1.3 buffer overflows
CVE-2013-2001 X.org libXxf86vm 1.1.2 buffer overflows
CVE-2013-2002 X.org libXt 1.1.3 buffer overflows
CVE-2013-2003 X.org libXcursor 1.1.13 integer overflows
CVE-2013-2004 X.org libX11 1.5.99.901 (1.6 RC1) unbounded recursion
CVE-2013-2005 X.org libXt 1.1.3 memory corruption
CVE-2013-2066 X.org libXv 1.0.7 buffer overflows
 2013-05-23 22:42:07 +00:00
matthieu
2bd9f468fa Update to libXi 1.6.1 2012-06-11 19:24:48 +00:00
dcoppa
f4996328a0 Force class alignment to a multiple of sizeof(XID): fixes a SIGBUS 
crash on sparc64.

Upstream git commit 07ced7b48219e3bc0c98806f3d7106f86d1b2ca0

OK matthieu@
 2012-01-19 08:41:06 +00:00
matthieu
8ccc5e9cd4 Update to libXi 1.4.5. 2011-12-20 20:18:26 +00:00
matthieu
da4d50a40a Update to libXi 1.4.4. 2011-12-17 17:39:19 +00:00
schwarze
489b2ffc16 roff(7) include lines must be ".so man3/foo.3", not ".so foo.3", 
or the referenced file cannot be found.
This got broken during the libXi 1.4.2 update.
ok matthieu@
 2011-11-02 21:41:59 +00:00
matthieu
4f6a4267a4 Update to libXi 1.4.3. 
This contains more doc fixes and a few more bug fixes.
 2011-07-02 21:21:11 +00:00
matthieu
d932417016 Update to libXi 1.4.2. 
Tested by ajacoutot@, jasper@, krw@, shadchin@.
I believe that the bugs spotted by krw@ are fixed in an upcoming
inputproto update.
 2011-07-02 21:14:36 +00:00
matthieu
f2c1aca964 Simpler fix for 64 bits architectures, suggested by Peter Hutterer: 
Just use Data() to send the xXIEventMask structure on the wire.
 2011-04-01 21:22:48 +00:00
matthieu
1064b1a62a Ugly fix for libXi on sparc64. 
May change if upstreams fix it differently.
Still broken on cross-endian remote connections though.
 2011-03-27 20:17:17 +00:00
naddy
a17d3bcc89 Force alignment with sizeof(Atom) for XIButtonClassInfo. 
From upstream; ok matthieu@
 2011-03-18 20:08:27 +00:00
matthieu
23853009c8 Explicitely disable build of specs. 2010-11-11 10:54:03 +00:00
matthieu
9a4e11a14a Update to libXi 1.4.0. small bug fixes plus doc/spec/autotools churn. 2010-11-11 10:49:21 +00:00
matthieu
3ea6e813ac regen 2010-10-03 14:27:14 +00:00
matthieu
3c4f0cc6df Use the XORG_WITH_XMLTO and XORG_WITH_ASCIIDOC macros. 
This change was apparently didn't make it upstreams into 1.3.2 and
got lost.
 2010-10-03 14:26:02 +00:00
matthieu
f71ecdef37 fix merge botch 2010-09-04 13:01:38 +00:00
matthieu
c6379e8bf8 Missed re-added file in libXi 1.3.2. update. 2010-09-04 10:18:16 +00:00
matthieu
9d9f84909a Update to libXi 1.3.2 2010-09-04 10:16:57 +00:00
matthieu
08a25eefda Update to libXi 1.3.2 2010-09-04 10:02:49 +00:00
matthieu
47b605d724 regen 2010-05-21 19:15:04 +00:00
matthieu
0f15c7c5e7 merge from upstream X.Org: use the AC_WITH_XMLTO and AC_WITH_ASCIIDOC 
macros from xorg-macros 1.5 to check for xmlto and asciidoc and
explicitely disable them in Makefile.bsd-wrapper.
Problem noticed by espie@.
 2010-05-21 19:13:11 +00:00
matthieu
69110947ac Update to libXi 1.3. Tested on a bulk ports build by naddy@. 2010-05-18 19:28:54 +00:00
matthieu
0624b5db7f update to libXi 1.2.1 2009-05-02 15:23:04 +00:00
matthieu
7830df18ed Regen with autoconf 2.59-p2, with AM_SANITY check zapped. 2008-03-15 18:08:24 +00:00
matthieu
fb5a8daf22 merge libXi 1.1.3 2007-11-24 17:03:34 +00:00
matthieu
3d6019abca libXi 1.1.3 2007-11-24 16:45:12 +00:00
matthieu
8370179c25 regen 2007-07-29 10:50:16 +00:00
matthieu
930101c636 regen with libtool 1.5.22p10 and metaauto 0.7 2007-04-14 20:44:09 +00:00
matthieu
00a847b3f8 regen with libtool 1.5.22p9 2007-03-25 13:02:54 +00:00
matthieu
6637a9a36e regen with automake 1.9.6p2 2007-03-18 22:29:12 +00:00
matthieu
5954aa6578 regen 2007-03-15 23:28:08 +00:00
matthieu
854f5def06 Bump major of shared libs that depend on libX11 (which already got bumped). 
ok todd@
 2007-03-15 23:00:47 +00:00
matthieu
cd9eb53273 regen 2006-11-28 19:02:33 +00:00
matthieu
b6a46a2b93 Try to prevent endless regeneration of Makefile.in caused to RCS Id expansion. 2006-11-28 11:48:11 +00:00