| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net>
|
| |
|
|
| |
Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net>
|
| |
|
|
| |
Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net>
|
| |
|
|
| |
Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net>
|
| |
|
|
| |
Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Xrender.c: In function ‘XRenderQueryFormats’:
Xrender.c:406:19: warning: declaration of ‘xDepth’ shadows a global declaration [-Wshadow]
xPictDepth *xDepth;
^~~~~~
In file included from /net/also.us.oracle.com/export/alanc/X.Org/amd64-gcc/install/usr/X11R7/include/X11/Xlibint.h:43:0,
from Xrenderint.h:31,
from Xrender.c:28:
/net/also.us.oracle.com/export/alanc/X.Org/amd64-gcc/install/usr/X11R7/include/X11/Xproto.h:329:7: note: shadowed declaration is here
} xDepth;
^~~~~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
| |
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
|
|
| |
These are not needed in C89 and later
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Individual lengths inside received server data can overflow
the previously reserved memory.
It is therefore important to validate every single length
field to not overflow the previously agreed sum of all invidual
length fields.
v2: consume remaining bytes in the reply buffer on error.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb@laas.fr
|
| |
|
|
|
|
|
|
|
|
| |
The length and numIndexValues members of the reply are both CARD32 and
need to be bounds checked before multiplying by sizeof (XIndexValue) to
avoid integer overflow leading to underallocation and writing data from
the network past the end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The length, numFormats, numScreens, numDepths, and numVisuals members of
the reply are all CARD32 and need to be bounds checked before multiplying
and adding them together to come up with the total size to allocate, to
avoid integer overflow leading to underallocation and writing data from
the network past the end of the allocated buffer.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
|
|
| |
rep.length is a CARD32, so rep.length << 2 could overflow in 32-bit builds
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
|
|
|
| |
Performed with: find * -type f | xargs perl -i -p -e 's{[ \t]+$}{}'
git diff -w & git diff -b show no diffs from this change
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| |
|
|
|
|
|
|
| |
Clears Sun compiler warning:
"Xrender.c", line 127: warning: integer overflow detected: op "<<"
since 1 << 31 overflows a signed 32-bit int.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
| | |
|
| |
|
|
| |
malloc succeeds.
|
| |
|
|
| |
- Add Xrender to symlink.sh
|
| |
|
|
|
| |
fix option name in log message.
improve debugging messages.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
