[PATCH] xace: Fix XaceCensorImage to actually censor the right part of the image
Aaron Plattner
aplattner at nvidia.com
Thu Aug 18 18:12:08 UTC 2016
Aargh, stupid borders. I always forget about them. I guess this is why
we have regression tests.
On 08/18/2016 09:11 AM, Adam Jackson wrote:
> On Thu, 2016-08-18 at 11:09 +0900, Michel Dänzer wrote:
>
>> Unfortunately, this broke two XTS tests:
>>
>> xts5 at xlib9@xgetimage at 7
>> xts5 at xlib9@xgetsubimage at 7
Thanks for catching this.
> Low impact, fortunately, but still unpleasant. The test in question is:
>
> 520|0 7 00020031 1 2|Assertion XGetImage-7.(A)
> 520|0 7 00020031 1 3|When the specified rectangle includes the window border,
> 520|0 7 00020031 1 4|then the contents of the window border are obtained in the
> 520|0 7 00020031 1 5|XImage structure returned by a call to XGetImage.
>
> I think there are two issues here. One is pVisibleRegion (the region we
> don't censor) is the intersection of borderClip (the exterior
> dimensions of the window including the border, clipped by siblings) and
> winSize (the inside-the-border region of the window). Clipping by
> winSize means we'll censor the window border. I think what's actually
> wanted there is borderClip also clipped by children [1]; we don't have
> a function handy to compute that, but it's straightforward enough.
>
> The other issue is we censor the image unconditionally if the server
> was built with support for any security extensions, regardless of
> whether the requesting client is trusted (for XC-SECURITY) or in a
> different security context than the window (for XACE).
>
> Patches forthcoming.
And thanks Adam for fixing it.
> [1] - Well kinda. You want to clip away children whose contents you
> aren't authorized to see, which isn't quite the same.
>
> - ajax
>
More information about the xorg-devel
mailing list