Both Cygwin and MinGW can use Windows' native CryptoAPI for SHA1,
saving a dependency on libgcrypt or OpenSSL. The necessary functions
are in ADVAPI32.DLL, which is among the default lib flags and is
already used in hw/xwin for accessing the registry.
Signed-off-by: Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
Reviewed-by: Mikhail Gusarov <dottedmag@dottedmag.net>
Reviewed-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Reviewed-by: Colin Harrison <colin.harrison@virgin.net>
Tested-by: Colin Harrison <colin.harrison@virgin.net>
It is not safe to ever use an arbitrary (possibly user supplied) string as
part of the format for a *sprintf() call.
For example:
1. Name a Bluetooth keyboard "%n%n%n%n%n%n%n%n"
2. Pair it with a computer running X and try to use it
3. X is not happy when trying to do the following in xf86-input-evdev:
xf86IDrvMsg(pInfo, X_CONFIG, "Device: \"%s\"\n", device);
because LogVHdrMessageVerb() has put the %n from the device name
into a format string of the form:
"evdev: %n%n%n%n%n%n%n%n: Device: \"%s\"\n"
Instead, build up a log message in place by appending successive formatted
strings by sncprintf'ing to the end of the previous.
Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
The current code will write a timestamps into the logFile whenever
the last message ended with a '\n' - even if the verb for that timestamp
is at too high a level. This timestamp will sit there with no matching
message until the next call to LogVWrite with a valid verb.
In other words, in some cases, timestamps in the X.org.log are for some
completely unrelated message that was previously ignored due to
insufficient verbosity, and not for the message that appears next to it
in the log file.
We keep the current policy which appears to be to only apply timestamps if
a message is actually written to a log file. That is, no timestamps on
stderr, or in the mem buffer. Therefore, the timestamp stringification
is moved to the conditional where it is used.
Since logging uses a fixed length buffer, this patch also forces a '\n'
whenever a buffer is terminated due to a too-long write request. This
allows the newline detection to work even on overflow, and also cleans up
the log a bit in the overflow case.
Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Normal snprintf() usually returns the number of bytes that would have been
written into a buffer had the buffer been long enough.
The scnprintf() variants return the actual number of bytes written,
excluding the trailing '\0'.
Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
* space->tab
* remove comment that doesn't make any sense
Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
If TimerSet() is called from a signal handler (synaptics tap handling code)
may result in list corruption if we're currently inside TimerSet().
See backtrace in
https://bugzilla.redhat.com/show_bug.cgi?id=814869
Block signals for all list manipulations in the timers.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Chase Douglas <chase.douglas@canonical.com>
This option specifies a file descriptor in the launching process. X
will scan for an available display number and write that number back to
the launching process, at the same time as SIGUSR1 generation. This
means display managers don't need to guess at available display numbers.
As a consequence, if X fails to start when using -displayfd, it's not
because the display was in use, so there's no point in retrying the X
launch on a higher display number.
Signed-off-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Chase Douglas <chase.douglas@canonical.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>
Tested-by: Julien Cristau <jcristau@debian.org>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Preparation work for per-device idle counters.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: James Jones <jajones@nvidia.com>
This is strictly the application of the script 'x-indent-all.sh'
from util/modular. Compared to the patch that Daniel posted in
January, I've added a few indent flags:
-bap
-psl
-T PrivatePtr
-T pmWait
-T _XFUNCPROTOBEGIN
-T _XFUNCPROTOEND
-T _X_EXPORT
The typedefs were needed to make the output of sdksyms.sh match the
previous output, otherwise, the code is formatted badly enough that
sdksyms.sh generates incorrect output.
The generated code was compared with the previous version and found to
be essentially identical -- "assert" line numbers and BUILD_TIME were
the only differences found.
The comparison was done with this script:
dir1=$1
dir2=$2
for dir in $dir1 $dir2; do
(cd $dir && find . -name '*.o' | while read file; do
dir=`dirname $file`
base=`basename $file .o`
dump=$dir/$base.dump
objdump -d $file > $dump
done)
done
find $dir1 -name '*.dump' | while read dump; do
otherdump=`echo $dump | sed "s;$dir1;$dir2;"`
diff -u $dump $otherdump
done
Signed-off-by: Keith Packard <keithp@keithp.com>
Acked-by: Daniel Stone <daniel@fooishbar.org>
Acked-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Changes to output:
* "Backtrace:" now appears on a separate line _with_ a timestamp
* A blank line is inserted after the last backtrace line
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Julien Cristau <jcristau@debian.org>
Uses kvm_getargv() from libkvm.
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
Move some constants near their only users, and remove some
getdtablesize() logic that's second-guessing configure.
Reviewed-by: Daniel Stone <daniel@fooishbar.org>
Signed-off-by: Adam Jackson <ajax@redhat.com>
Forwarding proxies like sshd will appear to be local, even though they
aren't really. This leads to weird behaviour for extensions that truly
require running under the same OS services as the client, like MIT-SHM
and DRI2.
Add two new legal values for the initial connection's byteOrder field,
'r' and 'R'. These act like 'l' and 'B' respectively, but have the side
effect of forcing the client to be treated as non-local. Forwarding
proxies should attempt to munge the first packet of the connection
accordingly; older servers will reject connections thusly munged, so the
proxy should fall back to passthrough if the munged connection attempt
fails.
Reviewed-by: Daniel Stone <daniel@fooishbar.org>
Signed-off-by: Adam Jackson <ajax@redhat.com>
If dladdr returns 0, don't go and use the returned Dl_info, it may
contain garbage.
X.Org bug#44315 <https://bugs.freedesktop.org/show_bug.cgi?id=44315>
Reported-and-tested-by: Cyril Brulebois <kibi@debian.org>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Reviewed-by: Cyril Brulebois <kibi@debian.org>
Signed-off-by: Julien Cristau <jcristau@debian.org>
Uses /proc/pid/psinfo to read command & partial arguments.
Moves cmdsize & argsize variables into non-Solaris #else clause
to avoid unused variable warnings.
Fixes format mismatch errors when building with DEBUG defined on
a 64-bit platform (where Mask is defined as CARD32).
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Rami Ylimäki <rami.ylimaki@vincit.fi>
Signed-off-by: Keith Packard <keithp@keithp.com>
xdmcp.c:63:36: warning: initialization discards qualifiers from pointer target type
xdmcp.c: In function 'XdmcpRegisterConnection':
xdmcp.c:482:8: warning: cast discards qualifiers from pointer target type
xdmcp.c:482:8: warning: cast discards qualifiers from pointer target type
xdmcp.c:482:8: warning: cast discards qualifiers from pointer target type
xdmcp.c: In function 'get_mcast_options':
xdmcp.c:1596:21: warning: initialization discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
And instead of initializing to NULL, then resetting to LOCKDIR almost
immediately (before ever using the NULL value), skip directly to setting
it to LOCKDIR.
tmppath variable is only used as input for generating the path name
via calls to strlen, sprintf, etc.
Fixes gcc warning of:
utils.c: In function 'LockServer':
utils.c:259:11: warning: assignment discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Fixes gcc warning:
io.c: In function 'WriteToClient':
io.c:826:6: warning: cast discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
It's only passed as the input side of a strcpy and as the filename to
fopen, so doesn't need to be non-const. Fixes gcc warning:
osinit.c: In function 'OsInit':
osinit.c:154:28: warning: initialization discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Almost all of the places the string is assigned point to a literal
string constant, so use const char * for those, and const char **
for function calls that return it via an argument. Fortunately
the top level function, ClientAuthorized, which returns the string
as its return value is called from only one place, ProcEstablishConnection.
ProcEstablishConnection stores either that return value or a string literal
in char *reason. It only uses reason as an argument to SendConnSetup.
SendConnSetup passes the reason argument to strlen & WriteToClient,
both of which already have const qualifiers on their args.
Thus added const to the reason variable in ProcEstablishConnection
and the reason argument to SendConnSetup.
Fixes gcc warnings:
dispatch.c: In function 'ProcEstablishConnection':
dispatch.c:3711:9: warning: assignment discards qualifiers from pointer target type
auth.c: In function 'CheckAuthorization':
auth.c:218:14: warning: assignment discards qualifiers from pointer target type
auth.c:220:20: warning: assignment discards qualifiers from pointer target type
connection.c: In function 'ClientAuthorized':
connection.c:683:3: warning: return discards qualifiers from pointer target type
mitauth.c: In function 'MitCheckCookie':
mitauth.c:88:13: warning: assignment discards qualifiers from pointer target type
xdmauth.c:259:14: warning: assignment discards qualifiers from pointer target type
xdmauth.c:270:14: warning: assignment discards qualifiers from pointer target type
xdmauth.c:277:11: warning: assignment discards qualifiers from pointer target type
xdmauth.c:293:15: warning: assignment discards qualifiers from pointer target type
xdmauth.c:313:14: warning: assignment discards qualifiers from pointer target type
xdmauth.c:322:11: warning: assignment discards qualifiers from pointer target type
rpcauth.c: In function 'SecureRPCCheck':
rpcauth.c:136:10: warning: assignment discards qualifiers from pointer target type
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
gcc was warning from storing string constants in a char *name field:
auth.c:64:1: warning: initialization discards qualifiers from pointer target type
auth.c:72:1: warning: initialization discards qualifiers from pointer target type
auth.c:81:1: warning: initialization discards qualifiers from pointer target type
Making the field const requires changing AuthorizationFromID to take
a const char ** pointer for the name argument which it sets to point
to the matching name entry.
Changing that argument requires changing its sole caller in the security
extension to pass the address of a const char * variable to it, which it
can do, since the only thing it does with the returned name is to pass
it back to the RemoveAuthorization function that already expects a const
char *name.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
No need to cast to char * now that all supported platforms use C89-standard
void * argument types, so just drop the casts from acmp & acopy macros,
which clears the gcc warnings for places const pointers were cast non-const:
access.c: In function 'DefineSelf':
access.c:786:3: warning: cast discards qualifiers from pointer target type
access.c:795:6: warning: cast discards qualifiers from pointer target type
access.c: In function 'NewHost':
access.c:1293:9: warning: cast discards qualifiers from pointer target type
access.c:1298:6: warning: cast discards qualifiers from pointer target type
access.c:1309:5: warning: cast discards qualifiers from pointer target type
Without the casts, acmp & acopy are just a funny way to write memcmp
& memmove, so drop the macros and inline the calls, taking care to
swap the first two arguments to memmove since it had swapped them.
Since all the calls to memmove end up being to non-overlapping memory
(mostly copying from an existing pointer to a newly allocated one),
replace those with memcpy.
And finally, don't actually call memcpy to copy 0 bytes from one place
to another, since that's just a waste of a perfectly good function call.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Replace multiple methods of checking for functions with AC_CHECK_FUNCS
Replace multiple methods of selecting fallback funcs with AC_REPLACE_FUNCS
Replace HAS_* and NEED_* #defines with autogenerated HAVE_*
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Mikhail Gusarov <dottedmag@dottedmag.net>
Reviewed-by: Gaetan Nadon <memsize@videotron.ca>
Silencing more gcc -Wwrite-strings warnings
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
This batch is the straightforward set - others are more complex and
need more analysis to determine right size to pass.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
"log.c", line 382: warning: assignment type mismatch:
pointer to char "=" pointer to const char
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
The extra "out" pointer to redirect writes to the array isn't needed since
the removal of LBX (commit a9ed5a8790), and eliminating it allows more
logical use of sizeof(addr) in length-checked strlcpy & snprintf calls to
write to it.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
*cmdname is initialized to NULL earlier in the function, so it's
okay to overwrite it with NULL if strdup fails, don't need that
extra check.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
As long as we're carrying around a compatibility copy in os/strl*.c,
might as well use them.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Linux test code fixed by: Keith Packard <keithp@keithp.com>
Two instances found in the SIOCGIFCONF code for listing network interfaces.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Any pad bytes in replies are written to the client from a zeroed
array. However, record extension tries to incorrectly access the pad
bytes from the end of reply data.
Signed-off-by: Rami Ylimäki <rami.ylimaki@vincit.fi>
Reviewed-by: Erkki Seppälä <erkki.seppala@vincit.fi>
Use fchmod() to change permissions of the lock file instead
of chmod(), thus avoid the race that can be exploited to set
a symbolic link to any file or directory in the system.
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
use O_NOFOLLOW to open the existing lock file, so symbolic links
aren't followed, thus avoid revealing if it point to an existing
file.
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
