This allows untrusted clients to destroy their own windows when they
have been reparented by a trusted window manager.
(cherry picked from commit 4559d2ace6)
Previously, three extensions were defined as "trusted" by the extension:
BIG-REQUESTS, XC-MISC, and XPrint. No other extensions were permitted
to be used by untrusted clients.
In commit 8b5d21cc1d this was changed for
some reason. Return to the old, compatible behavior.
(cherry picked from commit 6045506be0)
Fix panoramiX request and reply swapping
Set window and screen values in panoramix replies
Prevent buffer overrun in ProcPanoramiXGetScreenSize
(cherry picked from commit 2b266eda6e)
The XEvIE extension doesn't clear the rep.length field for any reply but
the version check. Hence, if there is junk data in it and that is sent
to the client, it hangs.
X.Org bug#17394 (http://bugs.freedesktop.org/show_bug.cgi?id=17394)
(cherry picked from commit d3ae193f4a)
There's no reason to not just dispatch this straight into the GC. As a
bonus, if you do so, damage wraps correctly, and thus swcursor works.
The side effect is it's no longer possible to override ShmPutImage with
ShmRegisterFuncs().
Also remove the (broken) damage tracking for same from EXA, since it didn't
work right, and is now superfluous.
(cherry picked from commit ee7c684f21)
Lack of validation of the parameters of the
SProcSecurityGenerateAuthorization SProcRecordCreateContext
functions makes it possible for a specially crafted request to trigger
the swapping of bytes outside the parameter of these requests, causing
memory corruption.
(cherry picked from commit 95d162c438)
An integer overflow in the validation of the parameters of the
ShmPutImage() request makes it possible to trigger the copy of
arbitrary server memory to a pixmap that can subsequently be read by
the client, to read arbitrary parts of the X server memory space.
(cherry picked from commit 063f18ef6d)
This allows using PanoramiXTranslateVisualID to test whether a given visual made
it through PanoramiXVisualConsolidate.
(cherry picked from commit 8b3d26f5b6)
Create a new exported global variable, XineramaVisualsEqualPtr. Use this
pointer to decide whether two visuals are equal during visual consolidation.
This pointer can be wrapped, which allows drivers and extensions to control
which visuals are consolidated. A wrapper can reject the visuals without
calling down, but must call down and return that result if it deems the visuals
equal. This ensures that all layers agree that the visuals are equal.
Pass the screen of the other visual into the VisualsEqual callchain.
Don't free PanoramiXVisuals since we need it for PanoramiXTranslateVisualID.
Don't skip the first visual on the other screen in PanoramiXMaybeAddVisual.
Skip the loop in PanoramiXTranslateVisualID if screen is 0.
(cherry picked from commit c50b5d9789)
Patch by Joe Nall.
The option goes in the "extmod" subsection.
TODO: Make it easier for extension modules to handle their own options.
(cherry picked from commit b5f98fcea2)
Makes it easier to figure out what you're seeing in the stack trace
instead of wondering where in the server "ProcSend" is.
(cherry picked from commit 060a99444e)
Formerly the code claimed it could only handle up to 256 visuals, which
was true. Also true, but not explicitly stated, was that it could only
handle visuals with VID < 256. If you have enough screens, and subsystems
that add lots of visuals, you can easily run off the end. (Made worse
because we allocate visual IDs from the same pool as XIDs.) If your app
then chooses a visual > 256, then the Xinerama code would throw BadMatch
on CreateColormap and your app wouldn't start.
With this change, PanoramiXVisualTable is gone. Other subsystems that
were using it as a translation table between each screen's visuals now
use a PanoramiXTranslateVisual() helper.
To recap: the original XC-SECURITY extension disallowed background "None" if
the window was untrusted. XACE 1.0 preserved this check as a hook function.
XACE pre-2.0 removed the hook and first abolished background "None entirely,
then restored it as a global on/off switch in response to Bug #13683.
Now it's back to being per-window, via a flag instead of a hook function.