| Commit message | Author | Age | Files | Lines |
| |
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
| |
The values of file sizes and buffer sizes can exceed current limits.
Therefore, use proper variable types for these operations.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
| |
libXpm uses unsigned int to store sizes, which fits size_t on 32 bit
systems, but leads to issues on 64 bit systems.
On 64 bit systems, it is possible to overflow 32 bit integers while
parsing XPM extensions in a file.
At first, it looks like a rather unimportant detail, because nobody
will seriously open a 4 GB file. But unfortunately XPM has support for
gzip compression out of the box. An attacker can therefore craft a
compressed file which is merely 4 MB in size, which makes an attack
much more feasible.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
| |
libXpm does not properly handle EOF conditions when xpmGetC is called
multiple times in a row to construct a string. Instead of checking
its return value for EOF, the result is automatically cast into a
char and attached to a string.
By carefully crafting the color table in an XPM file, it is possible to
send a libXpm program like gimp into a very long lasting loop and
massive memory allocations.
Otherwise no memory issues arise, therefore this is just a purely
functional patch to dismiss invalid input.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <Matthieu@herrb.eu>
| |
libXpm is vulnerable to an out of boundary read if an XPM file contains
a color with a symbolic name but without any default color value.
A caller must set XpmColorSymbols and a color with a NULL name in
the supplied XpmAttributes to XpmReadFileToImage (or other functions of
this type) in order to trigger this issue.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
| |
For long arguments, use labs().
Reviewed-by: Matt Turner <mattst88@gmail.com>
Signed-off-by: Thomas Klausner <wiz@NetBSD.org>
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Remove extra bogus return added to avoid warnings when calling Punt()
since gcc didn't know it would never return.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
When NO_ZPIPE is defined, fcntl.h is not included in WrFFrI.c
although OpenWriteFile uses open, O_WRONLY, O_CREAT and O_TRUNC.
* src/WrFFrI.c: unconditionally include fcntl.h regardless
of NO_ZPIPE being defined or not.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
The filename is always a read-only argument, so it is a good idea
to let the caller know about it.
This patch does not change active code; the place where the attribute
is added will not break source-level compatibility because it adds
no restriction on caller side, just adds information; because the
lib code behaved the same way it will not break the binary interface
either.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Fixes leak found by parfait 1.1 bug checking tool:
File Descriptor Leak: Leaked File Descriptor fd
at line 350 of lib/libXpm/src/WrFFrI.c in function 'OpenWriteFile'.
fd initialized at line 332 with open
fd leaks when strcmp(".Z", (filename + (len - 2))) != 0 at line 337
and strcmp(".gz", (filename + (len - 3))) != 0 at line 340.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Mark Kettenis <kettenis@openbsd.org>
| |
http://people.gnome.org/~walters/docs/build-api.txt
Signed-off-by: Adam Jackson <ajax@redhat.com>
| |
Signed-off-by: Adam Jackson <ajax@redhat.com>
| |
Define NO_ZPIPE when building for MinGW, decompressing via a pipe isn't implemented.
(since xpmPipeThrough() is only written in terms of fork() currently...)
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
Reviewed-by: Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
Reviewed-by: Ángel González <ingenit@zoho.com>
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
create.c: In function 'closeness_cmp':
create.c:224:5: warning: cast discards qualifiers from pointer target type
create.c:224:5: warning: cast discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
This fixes implicit declarations for strdup and strcasecmp.
Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
It calls various Xlib functions so should link with -lX11 directly.
Signed-off-by: Julien Cristau <jcristau@debian.org>
| |
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
git diff -w & git diff -b show no diffs from this change
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
As per X.Org guidelines.
Fix whitespace issues.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Group statements per section as per Autoconf standard layout
Quote statements where appropriate.
No functional configuration changes
This helps automated maintenance and release activities.
Details can be found in http://wiki.x.org/wiki/NewModuleGuidelines
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
It lists the files contained in the original
BULL Research Koala Project.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
As per guidelines for all xorg modules.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Reduce some complexity in the src makefile as it should not
handle sibling directories.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
It is always included by Automake
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
There is only one program in this makefile.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
SXPM_LIBS contains the complete list of dependencies.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
This directory does not exist, only object code is created
in "builddir".
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Fix some m4 quoting
Fix some autoconf warnings
Regroup statements per section
Add comments
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
This macro is called by PKG_CHECK_MODULES
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
XORG_STRICT_OPTION from XORG_DEFAULT_OPTIONS calls
AC_PROG_C_C99. This sets gcc with -std=gnu99.
If AC_PROG_CC macro is called afterwards, it resets CC to gcc.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Autoconf says:
"This macro is obsolescent, as current systems have conforming
header files. New programs need not use this macro".
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Regroup AC statements at the top.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
The value of MAN_SUBST is the same for all X.Org packages.
Use the appropriate platform version of sed
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
The value of MAN_SUBST is the same for all X.Org packages.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
It depends on util-macros 1.8
The LT_AC_PROG_SED macro was never released by libtool.
Neither man makefile actually used $SED anyway.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
Use MAN_SUBST now supplied in XORG_MANPAGE_SECTIONS
The value of MAN_SUBST is the same for all X.Org packages.
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>
| |
CVS tag removal chopped too much out in this case...
Signed-off-by: Julien Cristau <jcristau@debian.org>
| |
Signed-off-by: Jesse Adkins <jesserayadkins@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
| |
Unrelated to the previous patches, the new value simply reflects
the reality that the minimum level for autoconf to configure
all x.org modules is 2.60 dated June 2006.
ftp://ftp.gnu.org/gnu/autoconf/autoconf-2.60.tar.gz
Signed-off-by: Gaetan Nadon <memsize@videotron.ca>