xserver: Branch 'server-1.15-branch' - 12 commits
Matt Dew
marcoz at kemper.freedesktop.org
Thu Mar 6 21:09:13 PST 2014
hw/xquartz/GL/indirect.c | 4 ++--
hw/xquartz/X11Application.m | 13 +++++++++++++
hw/xquartz/X11Controller.m | 2 +-
hw/xquartz/applewm.c | 16 ++++++++++++++++
hw/xquartz/darwinfb.h | 2 +-
hw/xquartz/mach-startup/stub.c | 4 ++++
hw/xquartz/quartz.c | 3 +++
hw/xquartz/xpr/appledri.c | 10 ++++++++++
hw/xquartz/xpr/x-hook.c | 27 ++++++---------------------
9 files changed, 56 insertions(+), 25 deletions(-)
New commits:
commit b332cd20ee14049606e3656490d13a8efa6b23ee
Merge: f41ab8c 5e0432f
Author: Matt Dew <marcoz at osource.org>
Date: Thu Mar 6 22:03:03 2014 -0700
Merge branch 'server-1.15-branch' of git://people.freedesktop.org/~jeremyhu/xserver into server-1.15-branch
commit 5e0432f797d58fe1a69ef538694f65bbba38737f
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 11:10:41 2014 -0800
XQuartz: Avoid passing uninitialized pointers to X11ApplicationSetWindowMenu in AppleWMSetWindowMenu
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 77df653ae3d8448be21221711851acde12c6bc1a)
diff --git a/hw/xquartz/applewm.c b/hw/xquartz/applewm.c
index c4e5f4a..0d734bd 100644
--- a/hw/xquartz/applewm.c
+++ b/hw/xquartz/applewm.c
@@ -398,6 +398,15 @@ ProcAppleWMSetWindowMenu(register ClientPtr client)
break;
}
}
+
+ /* Check if we bailed out of the above loop due to a request that was too long */
+ if (j < nitems) {
+ free(items);
+ free(shortcuts);
+
+ return BadRequest;
+ }
+
X11ApplicationSetWindowMenu(nitems, items, shortcuts);
free(items);
free(shortcuts);
commit 859ced56d9ee168796c2fcf7fa6056e0c1491f3a
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 11:04:07 2014 -0800
XQuartz: Check for allocated memory before using it in AppleWMSetWindowMenu
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 3bc608a361a01043b226fb9aaebf88f6fd852925)
diff --git a/hw/xquartz/applewm.c b/hw/xquartz/applewm.c
index aea0a45..c4e5f4a 100644
--- a/hw/xquartz/applewm.c
+++ b/hw/xquartz/applewm.c
@@ -378,6 +378,13 @@ ProcAppleWMSetWindowMenu(register ClientPtr client)
items = malloc(sizeof(char *) * nitems);
shortcuts = malloc(sizeof(char) * nitems);
+ if (!items || !shortcuts) {
+ free(items);
+ free(shortcuts);
+
+ return BadAlloc;
+ }
+
max_len = (stuff->length << 2) - sizeof(xAppleWMSetWindowMenuReq);
bytes = (char *)&stuff[1];
commit 9444955d16f85926c75ee8eafb0ca796dcf16439
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 11:00:40 2014 -0800
XQuartz: Silence a clang static analysis warning about a memory leak
It seems the alanyzer can't comprehend dixSetPrivate().
quartz.c:119:12: warning: Potential leak of memory pointed to by 'displayInfo'
return quartzProcs->AddScreen(index, pScreen);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 64327226ddfba8f0653615cd678d2d4336fb993d)
diff --git a/hw/xquartz/quartz.c b/hw/xquartz/quartz.c
index 5b977c7..bc6c8d0 100644
--- a/hw/xquartz/quartz.c
+++ b/hw/xquartz/quartz.c
@@ -109,11 +109,14 @@ Bool
QuartzAddScreen(int index,
ScreenPtr pScreen)
{
+ // The clang static analyzer thinks we leak displayInfo here
+#ifndef __clang_analyzer__
// allocate space for private per screen Quartz specific storage
QuartzScreenPtr displayInfo = calloc(sizeof(QuartzScreenRec), 1);
// QUARTZ_PRIV(pScreen) = displayInfo;
dixSetPrivate(&pScreen->devPrivates, quartzScreenKey, displayInfo);
+#endif /* __clang_analyzer__ */
// do Quartz mode specific initialization
return quartzProcs->AddScreen(index, pScreen);
commit 64b0669d1c062e7e11fb0e3b8ea7fe56113fc86f
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 10:55:10 2014 -0800
XQuartz: Silence a clang static analysis warning about a possible memory leak on exit
stub.c:356:9: warning: Potential leak of memory pointed to by 'newargv'
asl_log(aslc, NULL, ASL_LEVEL_ERR,
^~~~~~~
stub.c:356:9: warning: Potential leak of memory pointed to by 'newenvp'
asl_log(aslc, NULL, ASL_LEVEL_ERR,
^~~~~~~
2 warnings generated.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit b2f6b3497c33a4897afae80a2cf69c596b9f81e8)
diff --git a/hw/xquartz/mach-startup/stub.c b/hw/xquartz/mach-startup/stub.c
index b5a3168..756e4ef 100644
--- a/hw/xquartz/mach-startup/stub.c
+++ b/hw/xquartz/mach-startup/stub.c
@@ -353,6 +353,10 @@ main(int argc, char **argv, char **envp)
newenvp = (string_array_t)calloc((1 + envpc), sizeof(string_t));
if (!newargv || !newenvp) {
+ /* Silence the clang static analyzer */
+ free(newargv);
+ free(newenvp);
+
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Memory allocation failure");
return EXIT_FAILURE;
commit 472e8e5d1c26573cef4bd42451230ef47791ed6f
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 10:47:52 2014 -0800
XQuartz: Validate length in appledri before swapping
Avoids potential memory corruption from bad requests
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit a03f096a85537d9e881cedaa6cb71aca43a97086)
diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c
index d7e9844..7757465 100644
--- a/hw/xquartz/xpr/appledri.c
+++ b/hw/xquartz/xpr/appledri.c
@@ -406,6 +406,7 @@ SProcAppleDRIQueryDirectRenderingCapable(register ClientPtr client)
{
REQUEST(xAppleDRIQueryDirectRenderingCapableReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIQueryDirectRenderingCapableReq);
swapl(&stuff->screen);
return ProcAppleDRIQueryDirectRenderingCapable(client);
}
@@ -415,6 +416,7 @@ SProcAppleDRIAuthConnection(register ClientPtr client)
{
REQUEST(xAppleDRIAuthConnectionReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIAuthConnectionReq);
swapl(&stuff->screen);
swapl(&stuff->magic);
return ProcAppleDRIAuthConnection(client);
@@ -425,6 +427,7 @@ SProcAppleDRICreateSurface(register ClientPtr client)
{
REQUEST(xAppleDRICreateSurfaceReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRICreateSurfaceReq);
swapl(&stuff->screen);
swapl(&stuff->drawable);
swapl(&stuff->client_id);
@@ -436,6 +439,7 @@ SProcAppleDRIDestroySurface(register ClientPtr client)
{
REQUEST(xAppleDRIDestroySurfaceReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIDestroySurfaceReq);
swapl(&stuff->screen);
swapl(&stuff->drawable);
return ProcAppleDRIDestroySurface(client);
@@ -446,6 +450,7 @@ SProcAppleDRICreatePixmap(register ClientPtr client)
{
REQUEST(xAppleDRICreatePixmapReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRICreatePixmapReq);
swapl(&stuff->screen);
swapl(&stuff->drawable);
return ProcAppleDRICreatePixmap(client);
@@ -456,6 +461,7 @@ SProcAppleDRIDestroyPixmap(register ClientPtr client)
{
REQUEST(xAppleDRIDestroyPixmapReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIDestroyPixmapReq);
swapl(&stuff->drawable);
return ProcAppleDRIDestroyPixmap(client);
}
commit 782fe5c174def75a9e4cb188c00c2fec72821472
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 10:39:56 2014 -0800
XQuartz: Validate screen in AppleDRIQueryDirectRenderingCapable requests
Return an error to the caller rather than crashing the server on
invalid screens.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit b3572c0d1ab7888ac26d6b2b8be6d1d19ed9af3f)
diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c
index 9aac072..d7e9844 100644
--- a/hw/xquartz/xpr/appledri.c
+++ b/hw/xquartz/xpr/appledri.c
@@ -123,6 +123,10 @@ ProcAppleDRIQueryDirectRenderingCapable(register ClientPtr client)
rep.length = 0;
rep.sequenceNumber = client->sequence;
+ if (stuff->screen >= screenInfo.numScreens) {
+ return BadValue;
+ }
+
if (!DRIQueryDirectRenderingCapable(screenInfo.screens[stuff->screen],
&isCapable)) {
return BadValue;
commit 045122566c0532378b50c1af3ffec3254e416fe2
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:45:23 2013 -0800
XQuartz: Simplify hook_run to quiet static analyzer
x-hook.c:96:9: warning: Called function pointer is an uninitalized pointer value
(*fun[i])(arg, data[i]);
^~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 959e8f23af7850fcaf40d6c67f5228241a36a9ab)
diff --git a/hw/xquartz/xpr/x-hook.c b/hw/xquartz/xpr/x-hook.c
index b5d8ab9..3922bb8 100644
--- a/hw/xquartz/xpr/x-hook.c
+++ b/hw/xquartz/xpr/x-hook.c
@@ -70,34 +70,19 @@ X_PFX(hook_remove) (x_list * lst, x_hook_function * fun, void *data) {
X_EXTERN void
X_PFX(hook_run) (x_list * lst, void *arg) {
- x_list *node, *cell;
- x_hook_function **fun;
- void **data;
- int length, i;
+ x_list *node;
if (!lst)
return;
- length = X_PFX(list_length) (lst);
- fun = malloc(sizeof(x_hook_function *) * length);
- data = malloc(sizeof(void *) * length);
-
- if (!fun || !data) {
- FatalError("Failed to allocate memory in %s\n", __func__);
- }
+ for (node = lst; node != NULL; node = node->next) {
+ x_list *cell = node->data;
- for (i = 0, node = lst; node != NULL; node = node->next, i++) {
- cell = node->data;
- fun[i] = CELL_FUN(cell);
- data[i] = CELL_DATA(cell);
- }
+ x_hook_function *fun = CELL_FUN(cell);
+ void *data = CELL_DATA(cell);
- for (i = 0; i < length; i++) {
- (*fun[i])(arg, data[i]);
+ (*fun)(arg, data);
}
-
- free(fun);
- free(data);
}
X_EXTERN void
commit 33b2ae0f3b4a80fd962d876f7437d98fcfc27791
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:41:18 2013 -0800
XQuartz: Mark applicationWillTerminate: noreturn
X11Controller.m:938:1: warning: method 'applicationWillTerminate:' could be declared with attribute 'noreturn'
[-Wmissing-noreturn,Semantic Issue]
{
^
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit f79af1941776fd6f1ec26c50603fcc35ca7d514b)
diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m
index 752bda3..5445c6f 100644
--- a/hw/xquartz/X11Controller.m
+++ b/hw/xquartz/X11Controller.m
@@ -934,7 +934,7 @@ extern char *bundle_id_prefix;
== NSAlertDefaultReturn) ? NSTerminateNow : NSTerminateCancel;
}
-- (void) applicationWillTerminate:(NSNotification *)aNotification
+- (void) applicationWillTerminate:(NSNotification *)aNotification _X_NORETURN
{
int remain;
[X11App prefs_synchronize];
commit 404f26866147be1c26585e59d9795e87e0c3e5fa
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:36:51 2013 -0800
XQuartz: Fix get_proc_address signature
indirect.c:675:28: warning: incompatible pointer types passing 'glx_gpa_proc (*)(const char *)' to parameter of type
'glx_gpa_proc' (aka 'glx_func_ptr (*)(const char *)') [-Wincompatible-pointer-types,Semantic Issue]
__glXsetGetProcAddress(&get_proc_address);
^~~~~~~~~~~~~~~~~
../../../glx/glxserver.h:122:42: note: passing argument to parameter 'get_proc_address' here [Semantic Issue]
void __glXsetGetProcAddress(glx_gpa_proc get_proc_address);
^
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit ea80279e292e59a9fe9651489f03e9f2f39810d9)
diff --git a/hw/xquartz/GL/indirect.c b/hw/xquartz/GL/indirect.c
index 8dabda1..19b7d86 100644
--- a/hw/xquartz/GL/indirect.c
+++ b/hw/xquartz/GL/indirect.c
@@ -643,10 +643,10 @@ __glFloorLog2(GLuint val)
static void *opengl_framework_handle;
-static glx_gpa_proc
+static glx_func_ptr
get_proc_address(const char *sym)
{
- return (glx_gpa_proc) dlsym(opengl_framework_handle, sym);
+ return (glx_func_ptr) dlsym(opengl_framework_handle, sym);
}
static void
commit 7803c4075b824ece79af0425cee736025c41d901
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:31:23 2013 -0800
XQuartz: Fix darwinfb.h header guard
./darwinfb.h:28:9: warning: '_DARWIN_FB_H' is used as a header guard here, followed by #define of a different macro
[-Wheader-guard,Lexical or Preprocessor Issue]
^~~~~~~~~~~~
./darwinfb.h:29:9: note: '_DARWIN_DB_H' is defined here; did you mean '_DARWIN_FB_H'? [Lexical or Preprocessor Issue]
^~~~~~~~~~~~
_DARWIN_FB_H
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 2e3ebec9520719a8e5c3c92390e83bcb5216f978)
diff --git a/hw/xquartz/darwinfb.h b/hw/xquartz/darwinfb.h
index 5de360d..541128b 100644
--- a/hw/xquartz/darwinfb.h
+++ b/hw/xquartz/darwinfb.h
@@ -26,7 +26,7 @@
*/
#ifndef _DARWIN_FB_H
-#define _DARWIN_DB_H
+#define _DARWIN_FB_H
#include "scrnintstr.h"
commit 6c055f0d78349ff08a570c5dcc92c6f7b6924993
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:22:55 2013 -0800
XQuartz: Silence some static analyzer warnings by annotating referencing counts
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 9da6c0918f40359f28fe8889d5b7cae7efcc8377)
diff --git a/hw/xquartz/X11Application.m b/hw/xquartz/X11Application.m
index 1f9b05d..2efbd65 100644
--- a/hw/xquartz/X11Application.m
+++ b/hw/xquartz/X11Application.m
@@ -70,6 +70,18 @@ xpbproxy_run(void);
static dispatch_queue_t eventTranslationQueue;
#endif
+#ifndef __has_feature
+#define __has_feature(x) 0
+#endif
+
+#ifndef CF_RETURNS_RETAINED
+#if __has_feature(attribute_cf_returns_retained)
+#define CF_RETURNS_RETAINED __attribute__((cf_returns_retained))
+#else
+#define CF_RETURNS_RETAINED
+#endif
+#endif
+
extern Bool noTestExtensions;
extern Bool noRenderExtension;
extern BOOL serverRunning;
@@ -526,6 +538,7 @@ cfrelease(CFAllocatorRef a, const void *b)
CFRelease(b);
}
+CF_RETURNS_RETAINED
static CFMutableArrayRef
nsarray_to_cfarray(NSArray *in)
{
More information about the xorg-commit
mailing list