openbsd-baikal
/
openbsd-xenocara
mirror of https://github.com/openbsd/xenocara
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge xserver 21.1.6. 

Includes a few fixes to the security patches already committed.
pull/1/head
matthieu 2023-01-22 09:44:41 +00:00
parent 8c4424dd36
commit 6c8ea4fe58
17 changed files with 448 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

309
xserver/ChangeLog
View File

@ -1,3 +1,312 @@
commit 59b6fc88ed9f4b22397a568c2483e4c558856ffa
Author: Olivier Fourdan <ofourdan@redhat.com>
Date: Mon Dec 19 10:46:20 2022 +0100
xserver 21.1.6
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
commit b7760d41c177983c2f2fca2ebdb8105628291720
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon Dec 19 10:06:45 2022 +1000
Xext: fix invalid event type mask in XTestSwapFakeInput
In commit b320ca0 the mask was inadvertently changed from octal 0177 to
hexadecimal 0x177.
Fixes commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
Xtest: disallow GenericEvents in XTestSwapFakeInput
Found by Stuart Cassoff
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit bb1711b7fba42f2a0c7d1c09beee241a1b2bcc30)
commit 69ab3bcaa0f6a5adef6ec19161eb856a4744b32c
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed Jul 13 11:23:09 2022 +1000
xkb: fix some possible memleaks in XkbGetKbdByName
GetComponentByName returns an allocated string, so let's free that if we
fail somewhere.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 18f91b950e22c2a342a4fbc55e9ddf7534a707d2)
commit 5dbb2b52cfeab212b5c9b7e344692a6384efdc4c
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Jul 5 12:06:20 2022 +1000
xkb: proof GetCountedString against request length attacks
GetCountedString did a check for the whole string to be within the
request buffer but not for the initial 2 bytes that contain the length
field. A swapped client could send a malformed request to trigger a
swaps() on those bytes, writing into random memory.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 11beef0b7f1ed290348e45618e5fa0d2bffcb72e)
commit becf9d51c33a21e7700b18bb2324f466bb966de5
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Wed Dec 14 00:13:34 2022 -0800
xquartz: Fix some formatting
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
commit 61d18bed664769b1d94ea1320e27f71560a01af2
Author: John D Pell <John+git@gaelicWizard.net>
Date: Tue Jul 13 23:46:28 2021 -0700
XQuartz: stub: Call LSOpenApplication instead of fork()/exec()
Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
commit f292fbfaac0c653ee49bbb24deb3add2b5da602f
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed Dec 14 11:34:41 2022 +1000
xserver 21.1.5
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
commit e860bbce4fdb169e84033529331ae2666e679de7
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Mon Dec 5 15:55:54 2022 +1000
xkb: reset the radio_groups pointer to NULL after freeing it
Unlike other elements of the keymap, this pointer was freed but not
reset. On a subsequent XkbGetKbdByName request, the server may access
already freed memory.
CVE-2022-4283, ZDI-CAN-19530
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit ccdd431cd8f1cabae9d744f0514b6533c438908c)
commit 8a1fa008b2f90abce6cabb27d9bc2ed76d07b678
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 13:26:57 2022 +1000
Xi: avoid integer truncation in length check of ProcXIChangeProperty
This fixes an OOB read and the resulting information disclosure.
Length calculation for the request was clipped to a 32-bit integer. With
the correct stuff->num_items value the expected request size was
truncated, passing the REQUEST_FIXED_SIZE check.
The server then proceeded with reading at least stuff->num_items bytes
(depending on stuff->format) from the request and stuffing whatever it
finds into the property. In the process it would also allocate at least
stuff->num_items bytes, i.e. 4GB.
The same bug exists in ProcChangeProperty and ProcXChangeDeviceProperty,
so let's fix that too.
CVE-2022-46344, ZDI-CAN 19405
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 8f454b793e1f13c99872c15f0eed1d7f3b823fe8)
commit 40f431de8a76f737c68ae659fee8472583f15e49
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 13:24:00 2022 +1000
Xi: return an error from XI property changes if verification failed
Both ProcXChangeDeviceProperty and ProcXIChangeProperty checked the
property for validity but didn't actually return the potential error.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit b8a84cb0f2807b07ab70ca9915fcdee21301b8ca)
commit d6c7de9eadca980c8ce3b3b7752b67bfa95e6f31
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 14:53:07 2022 +1000
Xext: free the screen saver resource when replacing it
This fixes a use-after-free bug:
When a client first calls ScreenSaverSetAttributes(), a struct
ScreenSaverAttrRec is allocated and added to the client's
resources.
When the same client calls ScreenSaverSetAttributes() again, a new
struct ScreenSaverAttrRec is allocated, replacing the old struct. The
old struct was freed but not removed from the clients resources.
Later, when the client is destroyed the resource system invokes
ScreenSaverFreeAttr and attempts to clean up the already freed struct.
Fix this by letting the resource system free the old attrs instead.
CVE-2022-46343, ZDI-CAN 19404
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 842ca3ccef100ce010d1d8f5f6d6cc1915055900)
commit 67927cc41f452228188bbe2aa34a9ee4a9ce0c6b
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Wed Nov 30 11:20:40 2022 +1000
Xext: free the XvRTVideoNotify when turning off from the same client
This fixes a use-after-free bug:
When a client first calls XvdiSelectVideoNotify() on a drawable with a
TRUE onoff argument, a struct XvVideoNotifyRec is allocated. This struct
is added twice to the resources:
- as the drawable's XvRTVideoNotifyList. This happens only once per
drawable, subsequent calls append to this list.
- as the client's XvRTVideoNotify. This happens for every client.
The struct keeps the ClientPtr around once it has been added for a
client. The idea, presumably, is that if the client disconnects we can remove
all structs from the drawable's list that match the client (by resetting
the ClientPtr to NULL), but if the drawable is destroyed we can remove
and free the whole list.
However, if the same client then calls XvdiSelectVideoNotify() on the
same drawable with a FALSE onoff argument, only the ClientPtr on the
existing struct was set to NULL. The struct itself remained in the
client's resources.
If the drawable is now destroyed, the resource system invokes
XvdiDestroyVideoNotifyList which frees the whole list for this drawable
- including our struct. This function however does not free the resource
for the client since our ClientPtr is NULL.
Later, when the client is destroyed and the resource system invokes
XvdiDestroyVideoNotify, we unconditionally set the ClientPtr to NULL. On
a struct that has been freed previously. This is generally frowned upon.
Fix this by calling FreeResource() on the second call instead of merely
setting the ClientPtr to NULL. This removes the struct from the client
resources (but not from the list), ensuring that it won't be accessed
again when the client quits.
Note that the assignment tpn->client = NULL; is superfluous since the
XvdiDestroyVideoNotify function will do this anyway. But it's left for
clarity and to match a similar invocation in XvdiSelectPortNotify.
CVE-2022-46342, ZDI-CAN 19400
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit b79f32b57cc0c1186b2899bce7cf89f7b325161b)
commit a6c0d7b142e762a6b9934a23e060ea91ff5afcea
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 13:55:32 2022 +1000
Xi: disallow passive grabs with a detail > 255
The XKB protocol effectively prevents us from ever using keycodes above
255. For buttons it's theoretically possible but realistically too niche
to worry about. For all other passive grabs, the detail must be zero
anyway.
This fixes an OOB write:
ProcXIPassiveUngrabDevice() calls DeletePassiveGrabFromList with a
temporary grab struct which contains tempGrab->detail.exact = stuff->detail.
For matching existing grabs, DeleteDetailFromMask is called with the
stuff->detail value. This function creates a new mask with the one bit
representing stuff->detail cleared.
However, the array size for the new mask is 8 * sizeof(CARD32) bits,
thus any detail above 255 results in an OOB array write.
CVE-2022-46341, ZDI-CAN 19381
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit 51eb63b0ee1509c6c6b8922b0e4aa037faa6f78b)
commit 936d34bdff4c479ccd0405fc221ff8e4c6c7014d
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date: Tue Nov 29 12:55:45 2022 +1000
Xtest: disallow GenericEvents in XTestSwapFakeInput
XTestSwapFakeInput assumes all events in this request are
sizeof(xEvent) and iterates through these in 32-byte increments.
However, a GenericEvent may be of arbitrary length longer than 32 bytes,
so any GenericEvent in this list would result in subsequent events to be
misparsed.
Additional, the swapped event is written into a stack-allocated struct
xEvent (size 32 bytes). For any GenericEvent longer than 32 bytes,
swapping the event may thus smash the stack like an avocado on toast.
Catch this case early and return BadValue for any GenericEvent.
Which is what would happen in unswapped setups anyway since XTest
doesn't support GenericEvent.
CVE-2022-46340, ZDI-CAN 19265
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Acked-by: Olivier Fourdan <ofourdan@redhat.com>
(cherry picked from commit b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63)
commit 5f2d652377995c0c0c3cf07463b5018450661d13
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Sun Nov 27 15:04:13 2022 -0800
meson: Don't build COMPOSITE for XQuartz
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 9c0373366988cc0b909ba31e61c43cc46e054b40)
commit 3dee0aac2c0ed4538880b65ee528e4633d103592
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Thu Nov 24 10:58:26 2022 -0800
xquartz: Move default applications list outside of the main executable
This will allow side-wide customization.
Fixes: https://github.com/XQuartz/XQuartz/issues/274
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit e654de80ed560c480efc072d876808b1d78da052)
commit 5d302c378d9d21b34db2434425b766ac4f05de89
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date: Thu Nov 24 11:04:08 2022 -0800
xquartz: Remove unused macro (X11LIBDIR)
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
(cherry picked from commit 3dbd809c0e2d8da4191dd4a3fd4abdd14be0d838)
commit 6bf62381d0a1fb54226a10f9d0e6b03aff12f3aa
Author: Povilas Kanapickas <povilas@radix.lt>
Date: Tue Jul 12 16:09:23 2022 +0300

2
xserver/Xext/saver.c
View File

@ -1350,8 +1350,8 @@ SProcScreenSaverSuspend(ClientPtr client)
{
REQUEST(xScreenSaverSuspendReq);
REQUEST_SIZE_MATCH(xScreenSaverSuspendReq);
swaps(&stuff->length);
REQUEST_SIZE_MATCH(xScreenSaverSuspendReq);
swapl(&stuff->suspend);
return ProcScreenSaverSuspend(client);
}

2
xserver/Xext/xtest.c
View File

@ -502,7 +502,7 @@ XTestSwapFakeInput(ClientPtr client, xReq * req)
nev = ((req->length << 2) - sizeof(xReq)) / sizeof(xEvent);
for (ev = (xEvent *) &req[1]; --nev >= 0; ev++) {
int evtype = ev->u.u.type & 0x177;
int evtype = ev->u.u.type & 0177;
/* Swap event */
proc = EventSwapVector[evtype];
/* no swapping proc; invalid event type? */

28
xserver/configure vendored
View File

@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for xorg-server 21.1.4.
# Generated by GNU Autoconf 2.69 for xorg-server 21.1.6.
#
# Report bugs to <https://gitlab.freedesktop.org/xorg/xserver/issues>.
#
@ -651,8 +651,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='xorg-server'
PACKAGE_TARNAME='xorg-server'
PACKAGE_VERSION='21.1.4'
PACKAGE_STRING='xorg-server 21.1.4'
PACKAGE_VERSION='21.1.6'
PACKAGE_STRING='xorg-server 21.1.6'
PACKAGE_BUGREPORT='https://gitlab.freedesktop.org/xorg/xserver/issues'
PACKAGE_URL=''
@ -1986,7 +1986,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures xorg-server 21.1.4 to adapt to many kinds of systems.
\`configure' configures xorg-server 21.1.6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@ -2057,7 +2057,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of xorg-server 21.1.4:";;
short | recursive ) echo "Configuration of xorg-server 21.1.6:";;
esac
cat <<\_ACEOF
@ -2246,10 +2246,10 @@ Optional Packages:
org.x)
--with-bundle-version=VERSION
Version to use for X11.app's CFBundleVersion
(default: 21.1.4)
(default: 21.1.6)
--with-bundle-version-string=VERSION
Version to use for X11.app's
CFBundleShortVersionString (default: 21.1.4)
CFBundleShortVersionString (default: 21.1.6)
--with-sparkle-feed-url=URL
URL for the Sparkle feed (default:
https://www.xquartz.org/releases/sparkle/release.xml)
@ -2460,7 +2460,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
xorg-server configure 21.1.4
xorg-server configure 21.1.6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@ -3169,7 +3169,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by xorg-server $as_me 21.1.4, which was
It was created by xorg-server $as_me 21.1.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@ -3517,7 +3517,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
ac_compiler_gnu=$ac_cv_c_compiler_gnu
RELEASE_DATE="2022-07-12"
RELEASE_DATE="2022-12-19"
RELEASE_NAME="Caramel Ice Cream"
@ -3997,7 +3997,7 @@ fi
# Define the identity of the package.
PACKAGE='xorg-server'
VERSION='21.1.4'
VERSION='21.1.6'
cat >>confdefs.h <<_ACEOF
@ -22895,7 +22895,7 @@ _ACEOF
if test "${with_bundle_version+set}" = set; then :
withval=$with_bundle_version; BUNDLE_VERSION="${withval}"
else
BUNDLE_VERSION="21.1.4"
BUNDLE_VERSION="21.1.6"
fi
@ -31541,7 +31541,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by xorg-server $as_me 21.1.4, which was
This file was extended by xorg-server $as_me 21.1.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@ -31607,7 +31607,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
xorg-server config.status 21.1.4
xorg-server config.status 21.1.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"

4
xserver/configure.ac
View File

@ -26,8 +26,8 @@ dnl
dnl Process this file with autoconf to create configure.
AC_PREREQ(2.60)
AC_INIT([xorg-server], 21.1.4, [https://gitlab.freedesktop.org/xorg/xserver/issues], xorg-server)
RELEASE_DATE="2022-07-12"
AC_INIT([xorg-server], 21.1.6, [https://gitlab.freedesktop.org/xorg/xserver/issues], xorg-server)
RELEASE_DATE="2022-12-19"
RELEASE_NAME="Caramel Ice Cream"
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_MACRO_DIR([m4])

5
xserver/hw/xquartz/Makefile.am
View File

@ -2,14 +2,14 @@ noinst_LTLIBRARIES = libXquartz.la
AM_CFLAGS = $(DIX_CFLAGS)
AM_OBJCFLAGS = $(DIX_CFLAGS)
AM_CPPFLAGS = \
-DXQUARTZ_DATA_DIR=\"$(datadir)/X11/XQuartz\" \
-DXSERVER_VERSION=\"$(VERSION)\" \
-DBUNDLE_ID_PREFIX=\"$(BUNDLE_ID_PREFIX)\" \
-DUSE_NEW_CLUT \
-DXFree86Server \
-I$(top_srcdir)/miext/rootless \
-I$(top_builddir)/pseudoramiX \
-I$(top_builddir) \
-DX11LIBDIR=\"$(libdir)\"
-I$(top_builddir)"
if GLX
GL_DIR = GL
@ -45,6 +45,7 @@ EXTRA_DIST = \
darwin.h \
darwinfb.h \
darwinEvents.h \
defaults.plist \
keysym2ucs.h \
quartz.h \
quartzKeyboard.h \

5
xserver/hw/xquartz/Makefile.in
View File

@ -510,14 +510,14 @@ noinst_LTLIBRARIES = libXquartz.la
AM_CFLAGS = $(DIX_CFLAGS)
AM_OBJCFLAGS = $(DIX_CFLAGS)
AM_CPPFLAGS = \
-DXQUARTZ_DATA_DIR=\"$(datadir)/X11/XQuartz\" \
-DXSERVER_VERSION=\"$(VERSION)\" \
-DBUNDLE_ID_PREFIX=\"$(BUNDLE_ID_PREFIX)\" \
-DUSE_NEW_CLUT \
-DXFree86Server \
-I$(top_srcdir)/miext/rootless \
-I$(top_builddir)/pseudoramiX \
-I$(top_builddir) \
-DX11LIBDIR=\"$(libdir)\"
-I$(top_builddir)"
@GLX_TRUE@GL_DIR = GL
SUBDIRS = bundle . $(GL_DIR) xpr pbproxy mach-startup man
@ -547,6 +547,7 @@ EXTRA_DIST = \
darwin.h \
darwinfb.h \
darwinEvents.h \
defaults.plist \
keysym2ucs.h \
quartz.h \
quartzKeyboard.h \

9
xserver/hw/xquartz/NSUserDefaults+XQuartzDefaults.m
View File

@ -96,10 +96,6 @@ NSString * const XQuartzPrefKeySyncPrimaryOnSelect = @"sync_primary_on_select";
defaults = [[[NSUserDefaults alloc] initWithSuiteName:defaultsDomain] retain];
}
NSArray * const defaultAppsMenu = @[
@[NSLocalizedString(@"Terminal", @"Terminal"), @"xterm", @"n"],
];
NSString *defaultWindowItemModifiers = @"command";
NSString * const defaultWindowItemModifiersLocalized = NSLocalizedString(@"window item modifiers", @"window item modifiers");
if (![defaultWindowItemModifiersLocalized isEqualToString:@"window item modifiers"]) {
@ -107,7 +103,6 @@ NSString * const XQuartzPrefKeySyncPrimaryOnSelect = @"sync_primary_on_select";
}
NSDictionary<NSString *, id> * const defaultDefaultsDict = @{
XQuartzPrefKeyAppsMenu : defaultAppsMenu,
XQuartzPrefKeyFakeButtons : @(NO),
// XQuartzPrefKeyFakeButton2 nil default
// XQuartzPrefKeyFakeButton3 nil default
@ -141,6 +136,10 @@ NSString * const XQuartzPrefKeySyncPrimaryOnSelect = @"sync_primary_on_select";
};
[defaults registerDefaults:defaultDefaultsDict];
NSString * const systemDefaultsPlistPath = [@(XQUARTZ_DATA_DIR) stringByAppendingPathComponent:@"defaults.plist"];
NSDictionary <NSString *, id> * const systemDefaultsDict = [NSDictionary dictionaryWithContentsOfFile:systemDefaultsPlistPath];
[defaults registerDefaults:systemDefaultsDict];
});
return defaults;

17
xserver/hw/xquartz/defaults.plist Normal file
View File

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<!-- This file contains system-wide defaults for XQuartz -->
<plist version="1.0">
<dict>
<key>apps_menu</key>
<array>
<array>
<string>Terminal</string>
<string>xterm</string>
<string>n</string>
</array>
</array>
</dict>
</plist>

113
xserver/hw/xquartz/mach-startup/stub.c
View File

@ -52,39 +52,25 @@
#include "launchd_fd.h"
static char x11_path[PATH_MAX + 1];
static CFURLRef x11appURL;
static FSRef x11_appRef;
static pid_t x11app_pid = 0;
aslclient aslc;
static void
set_x11_path(void)
{
CFURLRef appURL = NULL;
OSStatus osstatus =
LSFindApplicationForInfo(kLSUnknownCreator, CFSTR(
kX11AppBundleId), nil, nil, &appURL);
OSStatus osstatus = LSFindApplicationForInfo(kLSUnknownCreator, CFSTR(kX11AppBundleId),
nil, &x11_appRef, &x11appURL);
switch (osstatus) {
case noErr:
if (appURL == NULL) {
asl_log(
aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Invalid response from LSFindApplicationForInfo(%s)",
kX11AppBundleId);
if (x11appURL == NULL) {
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Invalid response from LSFindApplicationForInfo(%s)",
kX11AppBundleId);
exit(1);
}
if (!CFURLGetFileSystemRepresentation(appURL, true,
(unsigned char *)x11_path,
sizeof(x11_path))) {
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Error resolving URL for %s",
kX11AppBundleId);
exit(3);
}
strlcat(x11_path, kX11AppBundlePath, sizeof(x11_path));
asl_log(aslc, NULL, ASL_LEVEL_INFO, "Xquartz: X11.app = %s", x11_path);
break;
case kLSApplicationNotFoundErr:
@ -96,8 +82,7 @@ set_x11_path(void)
default:
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Unable to find application for %s, error code = %d",
kX11AppBundleId,
(int)osstatus);
kX11AppBundleId, (int)osstatus);
exit(11);
}
}
@ -122,18 +107,15 @@ connect_to_socket(const char *filename)
ret_fd = socket(PF_UNIX, SOCK_STREAM, 0);
if (ret_fd == -1) {
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Failed to create socket: %s - %s", filename,
strerror(
errno));
"Xquartz: Failed to create socket: %s - %d - %s",
filename, errno, strerror(errno));
return -1;
}
if (connect(ret_fd, servaddr, servaddr_len) < 0) {
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Failed to connect to socket: %s - %d - %s",
filename, errno,
strerror(
errno));
filename, errno, strerror(errno));
close(ret_fd);
return -1;
}
@ -176,10 +158,9 @@ send_fd_handoff(int connected_fd, int launchd_fd)
*((int *)CMSG_DATA(cmsg)) = launchd_fd;
if (sendmsg(connected_fd, &msg, 0) < 0) {
asl_log(
aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Error sending $DISPLAY file descriptor over fd %d: %d -- %s",
connected_fd, errno, strerror(errno));
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Error sending $DISPLAY file descriptor over fd %d: %d -- %s",
connected_fd, errno, strerror(errno));
return;
}
@ -253,24 +234,23 @@ main(int argc, char **argv, char **envp)
server_bootstrap_name);
set_x11_path();
/* This forking is ugly and will be cleaned up later */
child = fork();
if (child == -1) {
asl_log(aslc, NULL, ASL_LEVEL_ERR, "Xquartz: Could not fork: %s",
strerror(
errno));
return EXIT_FAILURE;
}
char *listenOnlyArg = "--listenonly";
CFStringRef silentLaunchArg = CFStringCreateWithCString(NULL, listenOnlyArg, kCFStringEncodingUTF8);
CFStringRef args[] = { silentLaunchArg };
CFArrayRef passArgv = CFArrayCreate(NULL, (const void**) args, 1, NULL);
LSApplicationParameters params = { 0, /* CFIndex version == 0 */
kLSLaunchDefaults, /* LSLaunchFlags flags */
&x11_appRef, /* FSRef application */
NULL, /* void* asyncLaunchRefCon*/
NULL, /* CFDictionaryRef environment */
passArgv, /* CFArrayRef arguments */
NULL /* AppleEvent* initialEvent */
};
if (child == 0) {
char *_argv[3];
_argv[0] = x11_path;
_argv[1] = "--listenonly";
_argv[2] = NULL;
asl_log(aslc, NULL, ASL_LEVEL_NOTICE,
"Xquartz: Starting X server: %s --listenonly",
x11_path);
return execvp(x11_path, _argv);
OSStatus status = LSOpenApplication(&params, NULL);
if (status != noErr) {
asl_log(aslc, NULL, ASL_LEVEL_ERR, "Xquartz: Unable to launch: %d", (int)status);
return EXIT_FAILURE;
}
/* Try connecting for 10 seconds */
@ -283,8 +263,7 @@ main(int argc, char **argv, char **envp)
if (kr != KERN_SUCCESS) {
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: bootstrap_look_up(): %s", bootstrap_strerror(
kr));
"Xquartz: bootstrap_look_up(): %s", bootstrap_strerror(kr));
return EXIT_FAILURE;
}
}
@ -298,13 +277,10 @@ main(int argc, char **argv, char **envp)
int handoff_fd = -1;
for (try = 0, try_max = 5; try < try_max; try++) {
if (request_fd_handoff_socket(mp,
handoff_socket_filename) !=
KERN_SUCCESS) {
asl_log(
aslc, NULL, ASL_LEVEL_INFO,
"Xquartz: Failed to request a socket from the server to send the $DISPLAY fd over (try %d of %d)",
(int)try + 1, (int)try_max);
if (request_fd_handoff_socket(mp, handoff_socket_filename) != KERN_SUCCESS) {
asl_log(aslc, NULL, ASL_LEVEL_INFO,
"Xquartz: Failed to request a socket from the server to send the $DISPLAY fd over (try %d of %d)",
(int)try + 1, (int)try_max);
continue;
}
@ -312,16 +288,13 @@ main(int argc, char **argv, char **envp)
if (handoff_fd == -1) {
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Failed to connect to socket (try %d of %d)",
(int)try + 1,
(int)try_max);
(int)try + 1, (int)try_max);
continue;
}
asl_log(
aslc, NULL, ASL_LEVEL_INFO,
"Xquartz: Handoff connection established (try %d of %d) on fd %d, \"%s\". Sending message.",
(int)try + 1, (int)try_max, handoff_fd,
handoff_socket_filename);
asl_log(aslc, NULL, ASL_LEVEL_INFO,
"Xquartz: Handoff connection established (try %d of %d) on fd %d, \"%s\". Sending message.",
(int)try + 1, (int)try_max, handoff_fd, handoff_socket_filename);
send_fd_handoff(handoff_fd, launchd_fd);
close(handoff_fd);
break;
@ -342,8 +315,7 @@ main(int argc, char **argv, char **envp)
free(newargv);
free(newenvp);
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Memory allocation failure");
asl_log(aslc, NULL, ASL_LEVEL_ERR, "Xquartz: Memory allocation failure");
return EXIT_FAILURE;
}
@ -361,8 +333,7 @@ main(int argc, char **argv, char **envp)
if (kr != KERN_SUCCESS) {
asl_log(aslc, NULL, ASL_LEVEL_ERR, "Xquartz: start_x11_server: %s",
mach_error_string(
kr));
mach_error_string(kr));
return EXIT_FAILURE;
}
return EXIT_SUCCESS;

8
xserver/hw/xquartz/meson.build
View File

@ -23,6 +23,7 @@ endif
bundle_id_def = '-DBUNDLE_ID_PREFIX="@0@"'.format(bundle_id_prefix)
bundle_root = join_paths(apple_applications_dir, apple_application_name + '.app')
xquartz_data_dir = join_paths(get_option('prefix'), get_option('datadir'),'X11', 'XQuartz')
# using sparkle update framework?
build_sparkle = xquartz_sparkle_feed_url != '' and xquartz_sparkle_public_edkey != ''
@ -58,10 +59,9 @@ srcs_libxquartz = [
libxquartz_defs = [
'-DUSE_NEW_CLUT',
'-DX11LIBDIR="@0@"'.format(join_paths(get_option('prefix'),
get_option('libdir'))),
'-DXFree86Server',
'-DXQUARTZ',
'-DXQUARTZ_DATA_DIR="@0@"'.format(xquartz_data_dir),
'-DXSERVER_VERSION="@0@"'.format(meson.project_version()),
bundle_id_def,
sparkle_defs,
@ -95,3 +95,7 @@ xquartz_man = configure_file(
configuration: manpage_config,
)
install_man(xquartz_man)
install_data('defaults.plist',
install_dir: xquartz_data_dir,
install_mode: 'rw-r--r--')

2
xserver/hw/xquartz/pbproxy/Makefile.am
View File

@ -1,4 +1,4 @@
AM_CPPFLAGS=-I..
AM_CPPFLAGS=-I.. -DXQUARTZ_DATA_DIR=\"$(datadir)/X11/XQuartz\"
AM_CFLAGS=$(XPBPROXY_CFLAGS)
AM_OBJCFLAGS=$(XPBPROXY_CFLAGS)

3
xserver/hw/xquartz/pbproxy/Makefile.in
View File

@ -482,7 +482,8 @@ target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
AM_CPPFLAGS = -I.. $(am__append_1)
AM_CPPFLAGS = -I.. -DXQUARTZ_DATA_DIR=\"$(datadir)/X11/XQuartz\" \
$(am__append_1)
AM_CFLAGS = $(XPBPROXY_CFLAGS)
AM_OBJCFLAGS = $(XPBPROXY_CFLAGS)
noinst_LTLIBRARIES = libxpbproxy.la

5
xserver/hw/xquartz/pbproxy/meson.build
View File

@ -1,6 +1,9 @@
build_standalone_pbproxy = get_option('xpbproxy')
pbproxy_defs = [bundle_id_def]
pbproxy_defs = [
'-DXQUARTZ_DATA_DIR="@0@"'.format(xquartz_data_dir),
bundle_id_def
]
if build_standalone_pbproxy
pbproxy_defs += ['-DSTANDALONE_XPBPROXY']
endif

4
xserver/include/meson.build
View File

@ -201,7 +201,9 @@ conf_data.set('UNIXCONN', host_machine.system() != 'windows' ? '1' : false)
conf_data.set('IPv6', build_ipv6 ? '1' : false)
conf_data.set('BIGREQS', '1')
conf_data.set('COMPOSITE', '1')
if build_composite
conf_data.set('COMPOSITE', '1')
endif
conf_data.set('DAMAGE', '1')
conf_data.set('DBE', '1')
conf_data.set('DGA', build_dga ? '1' : false)

15
xserver/meson.build
View File

@ -3,10 +3,10 @@ project('xserver', 'c',
'buildtype=debugoptimized',
'c_std=gnu99',
],
version: '21.1.4',
version: '21.1.6',
meson_version: '>= 0.47.0',
)
release_date = '2022-07-12'
release_date = '2022-12-19'
add_project_arguments('-DHAVE_DIX_CONFIG_H', language: ['c', 'objc'])
cc = meson.get_compiler('c')
@ -235,8 +235,10 @@ else
build_xquartz = get_option('xquartz') == 'true'
endif
build_composite = true
build_rootless = false
if build_xquartz
build_composite = false
build_rootless = true
endif
@ -697,7 +699,9 @@ subdir('fb')
subdir('mi')
subdir('os')
# X extensions
subdir('composite')
if build_composite
subdir('composite')
endif
subdir('damageext')
subdir('dbe')
subdir('miext/damage')
@ -731,7 +735,6 @@ libxserver = [
libxserver_mi,
libxserver_dix,
libxserver_composite,
libxserver_damageext,
libxserver_dbe,
libxserver_randr,
@ -748,6 +751,10 @@ libxserver = [
libxserver_os,
]
if build_composite
libxserver += libxserver_composite
endif
libxserver += libxserver_dri3
subdir('hw')

31
xserver/xkb/xkb.c
View File

@ -5137,6 +5137,11 @@ _GetCountedString(char **wire_inout, ClientPtr client, char **str)
CARD16 len;
wire = *wire_inout;
if (client->req_len <
bytes_to_int32(wire + 2 - (char *) client->requestBuffer))
return BadValue;
len = *(CARD16 *) wire;
if (client->swapped) {
swaps(&len);
@ -5935,18 +5940,32 @@ ProcXkbGetKbdByName(ClientPtr client)
xkb = dev->key->xkbInfo->desc;
status = Success;
str = (unsigned char *) &stuff[1];
if (GetComponentSpec(&str, TRUE, &status)) /* keymap, unsupported */
return BadMatch;
{
char *keymap = GetComponentSpec(&str, TRUE, &status); /* keymap, unsupported */
if (keymap) {
free(keymap);
return BadMatch;
}
}
names.keycodes = GetComponentSpec(&str, TRUE, &status);
names.types = GetComponentSpec(&str, TRUE, &status);
names.compat = GetComponentSpec(&str, TRUE, &status);
names.symbols = GetComponentSpec(&str, TRUE, &status);
names.geometry = GetComponentSpec(&str, TRUE, &status);
if (status != Success)
if (status == Success) {
len = str - ((unsigned char *) stuff);
if ((XkbPaddedSize(len) / 4) != stuff->length)
status = BadLength;
}
if (status != Success) {
free(names.keycodes);
free(names.types);
free(names.compat);
free(names.symbols);
free(names.geometry);
return status;
len = str - ((unsigned char *) stuff);
if ((XkbPaddedSize(len) / 4) != stuff->length)
return BadLength;
}
CHK_MASK_LEGAL(0x01, stuff->want, XkbGBN_AllComponentsMask);
CHK_MASK_LEGAL(0x02, stuff->need, XkbGBN_AllComponentsMask);