[PATCH app/xauth 1/2] Merge only entries with equal dpy and protoname.

Michal Srb msrb at suse.com
Thu May 31 13:12:35 UTC 2018 

Merging two lists, or adding entry a into list acts unexpectedly if the list
contains FamilyWild or entry with an empty display numbers. For example:

  > xauth list
  #ffff#6f70656e737573652d74756d626c6577656564#:  MIT-MAGIC-COOKIE-1  1500d80327733252cc42ba469138a259

  > xauth add test/unix:2 MIT-MAGIC-COOKIE-1 aabbccddeeff00112233445566778899
  > xauth list
  test/unix:2  MIT-MAGIC-COOKIE-1  aabbccddeeff00112233445566778899

This is because merge_entries compares entries using `match_auth`, which
follows the same rules as XauGetBestAuthByAddr. Following these rules is good
when filtering the output of `xauth list`, but for merging we should compare
for equality. It used to be done that way before commit 1555fff4. That commit
changed it to improve the `xauth list` behavior, but did not seem consider the
impact on merge.
---
 process.c | 25 ++++++++++---------------
 1 file changed, 10 insertions(+), 15 deletions(-)

diff --git a/process.c b/process.c
index 12a1765..d3ea435 100644
--- a/process.c
+++ b/process.c
@@ -1057,16 +1057,22 @@ extract_entry(const char *inputfilename, int lineno, Xauth *auth, char *data)
 
 
 static int
-eq_auth(Xauth *a, Xauth *b)
+eq_auth_dpy_and_name(Xauth *a, Xauth *b)
 {
     return((a->family == b->family &&
 	    a->address_length == b->address_length &&
 	    a->number_length == b->number_length &&
 	    a->name_length == b->name_length &&
-	    a->data_length == b->data_length &&
 	    memcmp(a->address, b->address, a->address_length) == 0 &&
 	    memcmp(a->number, b->number, a->number_length) == 0 &&
-	    memcmp(a->name, b->name, a->name_length) == 0 &&
+	    memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0);
+}
+
+static int
+eq_auth(Xauth *a, Xauth *b)
+{
+    return((eq_auth_dpy_and_name(a, b) &&
+	    a->data_length == b->data_length &&
 	    memcmp(a->data, b->data, a->data_length) == 0) ? 1 : 0);
 }
 
@@ -1100,17 +1106,6 @@ match_auth_dpy(register Xauth *a, register Xauth *b)
     return 1;
 }
 
-/* return non-zero iff display and authorization type are the same */
-
-static int
-match_auth(register Xauth *a, register Xauth *b)
-{
-    return ((match_auth_dpy(a, b)
-	     && a->name_length == b->name_length
-	     && memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0);
-}
-
-
 static int
 merge_entries(AuthList **firstp, AuthList *second, int *nnewp, int *nreplp)
 {
@@ -1144,7 +1139,7 @@ merge_entries(AuthList **firstp, AuthList *second, int *nnewp, int *nreplp)
 
 	a = first;
 	for (;;) {
-	    if (match_auth (a->auth, b->auth)) {  /* found a duplicate */
+	    if (eq_auth_dpy_and_name (a->auth, b->auth)) {  /* found a duplicate */
 		AuthList tmp;		/* swap it in for old one */
 		tmp = *a;
 		*a = *b;
-- 
2.13.6

More information about the xorg-devel mailing list