xserver: Branch 'server-1.14-branch' - 12 commits
Matt Dew
marcoz at kemper.freedesktop.org
Thu Mar 6 20:41:23 PST 2014
hw/xquartz/X11Application.m | 13 +++++++++++++
hw/xquartz/X11Controller.m | 10 +++++-----
hw/xquartz/applewm.c | 16 ++++++++++++++++
hw/xquartz/darwinfb.h | 2 +-
hw/xquartz/mach-startup/stub.c | 4 ++++
hw/xquartz/quartz.c | 3 +++
hw/xquartz/xpr/appledri.c | 10 ++++++++++
hw/xquartz/xpr/x-hook.c | 27 ++++++---------------------
os/osinit.c | 13 +++++++++++--
9 files changed, 69 insertions(+), 29 deletions(-)
New commits:
commit 4ab897c03389d5e6e23a4ef7f3f6a4fda1837a53
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 11:10:41 2014 -0800
XQuartz: Avoid passing uninitialized pointers to X11ApplicationSetWindowMenu in AppleWMSetWindowMenu
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 77df653ae3d8448be21221711851acde12c6bc1a)
diff --git a/hw/xquartz/applewm.c b/hw/xquartz/applewm.c
index c4e5f4a..0d734bd 100644
--- a/hw/xquartz/applewm.c
+++ b/hw/xquartz/applewm.c
@@ -398,6 +398,15 @@ ProcAppleWMSetWindowMenu(register ClientPtr client)
break;
}
}
+
+ /* Check if we bailed out of the above loop due to a request that was too long */
+ if (j < nitems) {
+ free(items);
+ free(shortcuts);
+
+ return BadRequest;
+ }
+
X11ApplicationSetWindowMenu(nitems, items, shortcuts);
free(items);
free(shortcuts);
commit bb315485b451e573a53f04e2281e79f21d33bd02
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 11:04:07 2014 -0800
XQuartz: Check for allocated memory before using it in AppleWMSetWindowMenu
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 3bc608a361a01043b226fb9aaebf88f6fd852925)
diff --git a/hw/xquartz/applewm.c b/hw/xquartz/applewm.c
index aea0a45..c4e5f4a 100644
--- a/hw/xquartz/applewm.c
+++ b/hw/xquartz/applewm.c
@@ -378,6 +378,13 @@ ProcAppleWMSetWindowMenu(register ClientPtr client)
items = malloc(sizeof(char *) * nitems);
shortcuts = malloc(sizeof(char) * nitems);
+ if (!items || !shortcuts) {
+ free(items);
+ free(shortcuts);
+
+ return BadAlloc;
+ }
+
max_len = (stuff->length << 2) - sizeof(xAppleWMSetWindowMenuReq);
bytes = (char *)&stuff[1];
commit a3d19856c6b4d323340a98a8c7bf1cfc4b92c83d
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 11:00:40 2014 -0800
XQuartz: Silence a clang static analysis warning about a memory leak
It seems the alanyzer can't comprehend dixSetPrivate().
quartz.c:119:12: warning: Potential leak of memory pointed to by 'displayInfo'
return quartzProcs->AddScreen(index, pScreen);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 64327226ddfba8f0653615cd678d2d4336fb993d)
diff --git a/hw/xquartz/quartz.c b/hw/xquartz/quartz.c
index 5b977c7..bc6c8d0 100644
--- a/hw/xquartz/quartz.c
+++ b/hw/xquartz/quartz.c
@@ -109,11 +109,14 @@ Bool
QuartzAddScreen(int index,
ScreenPtr pScreen)
{
+ // The clang static analyzer thinks we leak displayInfo here
+#ifndef __clang_analyzer__
// allocate space for private per screen Quartz specific storage
QuartzScreenPtr displayInfo = calloc(sizeof(QuartzScreenRec), 1);
// QUARTZ_PRIV(pScreen) = displayInfo;
dixSetPrivate(&pScreen->devPrivates, quartzScreenKey, displayInfo);
+#endif /* __clang_analyzer__ */
// do Quartz mode specific initialization
return quartzProcs->AddScreen(index, pScreen);
commit b915cbb6bf489e8ceb20d1053d1c94ebc981e0dd
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 10:55:10 2014 -0800
XQuartz: Silence a clang static analysis warning about a possible memory leak on exit
stub.c:356:9: warning: Potential leak of memory pointed to by 'newargv'
asl_log(aslc, NULL, ASL_LEVEL_ERR,
^~~~~~~
stub.c:356:9: warning: Potential leak of memory pointed to by 'newenvp'
asl_log(aslc, NULL, ASL_LEVEL_ERR,
^~~~~~~
2 warnings generated.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit b2f6b3497c33a4897afae80a2cf69c596b9f81e8)
diff --git a/hw/xquartz/mach-startup/stub.c b/hw/xquartz/mach-startup/stub.c
index b5a3168..756e4ef 100644
--- a/hw/xquartz/mach-startup/stub.c
+++ b/hw/xquartz/mach-startup/stub.c
@@ -353,6 +353,10 @@ main(int argc, char **argv, char **envp)
newenvp = (string_array_t)calloc((1 + envpc), sizeof(string_t));
if (!newargv || !newenvp) {
+ /* Silence the clang static analyzer */
+ free(newargv);
+ free(newenvp);
+
asl_log(aslc, NULL, ASL_LEVEL_ERR,
"Xquartz: Memory allocation failure");
return EXIT_FAILURE;
commit f218c147c2bb77ab3b5dc091ddb62839fa165254
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 10:47:52 2014 -0800
XQuartz: Validate length in appledri before swapping
Avoids potential memory corruption from bad requests
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit a03f096a85537d9e881cedaa6cb71aca43a97086)
diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c
index d7e9844..7757465 100644
--- a/hw/xquartz/xpr/appledri.c
+++ b/hw/xquartz/xpr/appledri.c
@@ -406,6 +406,7 @@ SProcAppleDRIQueryDirectRenderingCapable(register ClientPtr client)
{
REQUEST(xAppleDRIQueryDirectRenderingCapableReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIQueryDirectRenderingCapableReq);
swapl(&stuff->screen);
return ProcAppleDRIQueryDirectRenderingCapable(client);
}
@@ -415,6 +416,7 @@ SProcAppleDRIAuthConnection(register ClientPtr client)
{
REQUEST(xAppleDRIAuthConnectionReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIAuthConnectionReq);
swapl(&stuff->screen);
swapl(&stuff->magic);
return ProcAppleDRIAuthConnection(client);
@@ -425,6 +427,7 @@ SProcAppleDRICreateSurface(register ClientPtr client)
{
REQUEST(xAppleDRICreateSurfaceReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRICreateSurfaceReq);
swapl(&stuff->screen);
swapl(&stuff->drawable);
swapl(&stuff->client_id);
@@ -436,6 +439,7 @@ SProcAppleDRIDestroySurface(register ClientPtr client)
{
REQUEST(xAppleDRIDestroySurfaceReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIDestroySurfaceReq);
swapl(&stuff->screen);
swapl(&stuff->drawable);
return ProcAppleDRIDestroySurface(client);
@@ -446,6 +450,7 @@ SProcAppleDRICreatePixmap(register ClientPtr client)
{
REQUEST(xAppleDRICreatePixmapReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRICreatePixmapReq);
swapl(&stuff->screen);
swapl(&stuff->drawable);
return ProcAppleDRICreatePixmap(client);
@@ -456,6 +461,7 @@ SProcAppleDRIDestroyPixmap(register ClientPtr client)
{
REQUEST(xAppleDRIDestroyPixmapReq);
swaps(&stuff->length);
+ REQUEST_SIZE_MATCH(xAppleDRIDestroyPixmapReq);
swapl(&stuff->drawable);
return ProcAppleDRIDestroyPixmap(client);
}
commit 2599b3a42b9d637534b0ed5018aa4bc692c0f5e5
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Wed Jan 1 10:39:56 2014 -0800
XQuartz: Validate screen in AppleDRIQueryDirectRenderingCapable requests
Return an error to the caller rather than crashing the server on
invalid screens.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit b3572c0d1ab7888ac26d6b2b8be6d1d19ed9af3f)
diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c
index 9aac072..d7e9844 100644
--- a/hw/xquartz/xpr/appledri.c
+++ b/hw/xquartz/xpr/appledri.c
@@ -123,6 +123,10 @@ ProcAppleDRIQueryDirectRenderingCapable(register ClientPtr client)
rep.length = 0;
rep.sequenceNumber = client->sequence;
+ if (stuff->screen >= screenInfo.numScreens) {
+ return BadValue;
+ }
+
if (!DRIQueryDirectRenderingCapable(screenInfo.screens[stuff->screen],
&isCapable)) {
return BadValue;
commit 448dd77224ba4d019be7b9139c4ebead3f24001e
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:45:23 2013 -0800
XQuartz: Simplify hook_run to quiet static analyzer
x-hook.c:96:9: warning: Called function pointer is an uninitalized pointer value
(*fun[i])(arg, data[i]);
^~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 959e8f23af7850fcaf40d6c67f5228241a36a9ab)
diff --git a/hw/xquartz/xpr/x-hook.c b/hw/xquartz/xpr/x-hook.c
index b5d8ab9..3922bb8 100644
--- a/hw/xquartz/xpr/x-hook.c
+++ b/hw/xquartz/xpr/x-hook.c
@@ -70,34 +70,19 @@ X_PFX(hook_remove) (x_list * lst, x_hook_function * fun, void *data) {
X_EXTERN void
X_PFX(hook_run) (x_list * lst, void *arg) {
- x_list *node, *cell;
- x_hook_function **fun;
- void **data;
- int length, i;
+ x_list *node;
if (!lst)
return;
- length = X_PFX(list_length) (lst);
- fun = malloc(sizeof(x_hook_function *) * length);
- data = malloc(sizeof(void *) * length);
-
- if (!fun || !data) {
- FatalError("Failed to allocate memory in %s\n", __func__);
- }
+ for (node = lst; node != NULL; node = node->next) {
+ x_list *cell = node->data;
- for (i = 0, node = lst; node != NULL; node = node->next, i++) {
- cell = node->data;
- fun[i] = CELL_FUN(cell);
- data[i] = CELL_DATA(cell);
- }
+ x_hook_function *fun = CELL_FUN(cell);
+ void *data = CELL_DATA(cell);
- for (i = 0; i < length; i++) {
- (*fun[i])(arg, data[i]);
+ (*fun)(arg, data);
}
-
- free(fun);
- free(data);
}
X_EXTERN void
commit daaada9113d6bbfd6ffbf4c8c76f3176ca2899c6
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:41:18 2013 -0800
XQuartz: Mark applicationWillTerminate: noreturn
X11Controller.m:938:1: warning: method 'applicationWillTerminate:' could be declared with attribute 'noreturn'
[-Wmissing-noreturn,Semantic Issue]
{
^
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit f79af1941776fd6f1ec26c50603fcc35ca7d514b)
diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m
index 752bda3..5445c6f 100644
--- a/hw/xquartz/X11Controller.m
+++ b/hw/xquartz/X11Controller.m
@@ -934,7 +934,7 @@ extern char *bundle_id_prefix;
== NSAlertDefaultReturn) ? NSTerminateNow : NSTerminateCancel;
}
-- (void) applicationWillTerminate:(NSNotification *)aNotification
+- (void) applicationWillTerminate:(NSNotification *)aNotification _X_NORETURN
{
int remain;
[X11App prefs_synchronize];
commit 9ec1c29d75e5795557bf209dc690aed18b503545
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:31:23 2013 -0800
XQuartz: Fix darwinfb.h header guard
./darwinfb.h:28:9: warning: '_DARWIN_FB_H' is used as a header guard here, followed by #define of a different macro
[-Wheader-guard,Lexical or Preprocessor Issue]
^~~~~~~~~~~~
./darwinfb.h:29:9: note: '_DARWIN_DB_H' is defined here; did you mean '_DARWIN_FB_H'? [Lexical or Preprocessor Issue]
^~~~~~~~~~~~
_DARWIN_FB_H
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 2e3ebec9520719a8e5c3c92390e83bcb5216f978)
diff --git a/hw/xquartz/darwinfb.h b/hw/xquartz/darwinfb.h
index 5de360d..541128b 100644
--- a/hw/xquartz/darwinfb.h
+++ b/hw/xquartz/darwinfb.h
@@ -26,7 +26,7 @@
*/
#ifndef _DARWIN_FB_H
-#define _DARWIN_DB_H
+#define _DARWIN_FB_H
#include "scrnintstr.h"
commit af520d671089dbf96271bc97484113ea2f18113e
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sun Dec 29 12:22:55 2013 -0800
XQuartz: Silence some static analyzer warnings by annotating referencing counts
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit 9da6c0918f40359f28fe8889d5b7cae7efcc8377)
diff --git a/hw/xquartz/X11Application.m b/hw/xquartz/X11Application.m
index 1f9b05d..2efbd65 100644
--- a/hw/xquartz/X11Application.m
+++ b/hw/xquartz/X11Application.m
@@ -70,6 +70,18 @@ xpbproxy_run(void);
static dispatch_queue_t eventTranslationQueue;
#endif
+#ifndef __has_feature
+#define __has_feature(x) 0
+#endif
+
+#ifndef CF_RETURNS_RETAINED
+#if __has_feature(attribute_cf_returns_retained)
+#define CF_RETURNS_RETAINED __attribute__((cf_returns_retained))
+#else
+#define CF_RETURNS_RETAINED
+#endif
+#endif
+
extern Bool noTestExtensions;
extern Bool noRenderExtension;
extern BOOL serverRunning;
@@ -526,6 +538,7 @@ cfrelease(CFAllocatorRef a, const void *b)
CFRelease(b);
}
+CF_RETURNS_RETAINED
static CFMutableArrayRef
nsarray_to_cfarray(NSArray *in)
{
commit de32ca3f2442bfb90b8cd2135b61758074090018
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sat Dec 7 01:36:33 2013 -0800
XQuartz: Use asl_log_descriptor to log stdout/stderr of child processes
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit d7c9235ee261b0f780320985233e00dec5e2689c)
diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m
index 3d094bf..752bda3 100644
--- a/hw/xquartz/X11Controller.m
+++ b/hw/xquartz/X11Controller.m
@@ -347,7 +347,7 @@ extern char *bundle_id_prefix;
const char *newargv[4];
char buf[128];
char *s;
-#if 0 && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
+#if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
int stdout_pipe[2];
int stderr_pipe[2];
#endif
@@ -363,7 +363,7 @@ extern char *bundle_id_prefix;
setenv("DISPLAY", buf, TRUE);
}
-#if 0 && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
+#if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
if (asl_log_descriptor) {
char *asl_sender;
aslmsg amsg = asl_new(ASL_TYPE_MSG);
@@ -413,7 +413,7 @@ extern char *bundle_id_prefix;
_exit(1);
case 0: /* child2 */
-#if 0 && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
+#if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
if (asl_log_descriptor) {
/* Replace our stdout/stderr */
dup2(stdout_pipe[1], STDOUT_FILENO);
@@ -442,7 +442,7 @@ extern char *bundle_id_prefix;
waitpid(child1, &status, 0);
}
-#if 0 && MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
+#if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
if (asl_log_descriptor) {
/* Close the write ends of the pipe */
close(stdout_pipe[1]);
commit 3218c1433f762f2e985c227b4e774cd0fa671009
Author: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
Date: Sat Dec 7 01:14:37 2013 -0800
darwin: Don't leave stdin/stdout closed
<rdar://problem/15609419>
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
(cherry picked from commit ad8111d7c971ce448905c733d65ba0cfc72bdca4)
diff --git a/os/osinit.c b/os/osinit.c
index 6c66f9c..0c2c323 100644
--- a/os/osinit.c
+++ b/os/osinit.c
@@ -208,10 +208,18 @@ OsInit(void)
dlinfo(RTLD_SELF, RTLD_DI_SETSIGNAL, &failure_signal);
#endif
-#if !defined(__CYGWIN__)
+#if !defined(XQUARTZ) /* STDIN is already /dev/null and STDOUT/STDERR is managed by console_redirect.c */
+# if defined(__APPLE__)
+ int devnullfd = open(devnull, O_RDWR, 0);
+ assert(devnullfd > 2);
+
+ dup2(devnullfd, STDIN_FILENO);
+ dup2(devnullfd, STDOUT_FILENO);
+ close(devnullfd);
+# elif !defined(__CYGWIN__)
fclose(stdin);
fclose(stdout);
-#endif
+# endif
/*
* If a write of zero bytes to stderr returns non-zero, i.e. -1,
* then writing to stderr failed, and we'll write somewhere else
@@ -245,6 +253,7 @@ OsInit(void)
setlinebuf(stderr);
#endif
}
+#endif /* !XQUARTZ */
#if !defined(WIN32) || defined(__CYGWIN__)
if (getpgrp() == 0)
More information about the xorg-commit
mailing list