Matthias Hopf
44f46bfb98
CVE-2007-6429: Always test for size+offset wrapping.
2008-02-20 22:17:42 +01:00
Eamon Walsh
74b40bba32
security: Fix for Bug #14480 : untrusted access broken in 7.3.
2008-02-14 19:47:44 -05:00
Adam Jackson
b6d4cdf64f
CVE-2007-6429: Don't spuriously reject <8bpp shm pixmaps.
...
Move size validation after depth validation, and only validate size if
the bpp of the pixmap format is > 8. If bpp < 8 then we're already
protected from overflow by the width and height checks.
(cherry picked from commit e9fa7c1c88
)
2008-01-18 21:01:32 +01:00
Matthieu Herrb
19b95cdd1d
Fix for CVE-2007-5958 - File existence disclosure.
2008-01-17 17:03:39 +01:00
Matthieu Herrb
8b14f7b742
Fix for CVE-2007-6429 - MIT-SHM and EVI extensions integer overflows.
2008-01-17 17:02:36 +01:00
Matthieu Herrb
4848d49d05
Fix for CVE-2007-6428 - TOG-cup extension memory corruption.
2008-01-17 17:00:22 +01:00
Peter Harris
b037e4a5ab
Add missing swaps in panoramiXSwap.c
...
(cherry picked from commit cb67a10b7f6f564e0345de19316934361ea28720)
2007-11-30 20:42:28 +02:00
Fredrik Höglund
0f9e89b4e3
Fix the value comparisons in the IDLETIME wakeup handler.
...
LessThan/GreaterThan comparisons were used in the wakeup handler,
and LessOrEqual/GreaterOrEqual in the block handler.
Change it to use LessOrEqual/GreaterOrEqual in both functions,
since this is what XSyncNegativeComparison and
XSyncPositiveComparison imply.
2007-08-14 22:47:49 +02:00
Adam Jackson
4d76075dbb
Death to RCS tags.
2007-06-29 14:06:52 -04:00
Adam Jackson
f7f3fe7fe7
Remove the remnants of OS/2 support.
...
This has never worked in any modular server release, and as far as I know
was never tested in 6.7 through 6.9.
2007-06-28 18:59:05 -04:00
Eugene Konev
857ddbb660
Allow configurable serverconfigdir for security policy location
...
Allow the location of the SERVERCONFIGdir variable to be defined at
compile-time. This allows us to specify where the security policy will be
located (Debian uses this to put it in /etc). The default is to the
previous location.
2007-05-28 21:53:02 -04:00
Fredrik Höglund
7e2c935920
Add a new IDLETIME system sync counter.
...
This counter exposes the time in milliseconds since the last
input event. Clients such as screen savers and power managers
can set an alarm on this counter to find out when the idle time
reaches a certain value, without having to poll the server.
2007-05-18 20:15:31 +02:00
Stefan Huehner
1f6741db19
Bug #10560 : Code-Cleanup: function declarations () -> (void)
...
X.Org Bugzilla #10560 : <https://bugs.freedesktop.org/show_bug.cgi?id=10560 >
Patch #9511 <https://bugs.freedesktop.org/attachment.cgi?id=9511 >
2007-04-09 14:33:15 -07:00
Matthieu Herrb
645d87cf8e
CVE-2007-1003: XC-MISC Extension ProcXCMiscGetXIDList() Memory Corruption
2007-04-03 15:47:18 +02:00
Adam Jackson
04b87d6dfa
Static and dead code cleaup for Xext/
2007-03-25 17:57:22 -04:00
Adam Jackson
021fc5cb2c
Static markup and dead code cull over xkb/.
...
The former <X11/extensions/XKBsrv.h> has been pulled into the server now as
include/xkbsrv.h, and the world updated to look for it in the new place,
since it made no sense to define server API in an extension header. Any
further work along this line will need to do similar things with XKBgeom.h
and friends.
2007-03-20 18:37:02 -04:00
Eamon Walsh
a7cd53deb9
remove PIXPRIV checks as this flag is always set.
2007-03-06 17:05:03 -05:00
Peter Hutterer
68c64ad7b1
Xext: Update device's lastx/lasty when sending a motion event with XTest.
2007-03-01 09:59:37 +10:30
Eamon Walsh
c2f3f705f1
Bug #6988 : Change behavior of Security extension per user feature request.
2007-02-15 14:38:24 -05:00
Alan Coopersmith
b32a40817f
Correct variable descriptions in comment for SecurityCheckResourceIDAccess
2007-01-24 16:29:49 -08:00
Eamon Walsh
ab1d5b0c31
Convert callers of LookupClient() to dixLookupClient().
2006-12-15 17:26:58 -05:00
Eamon Walsh
10aabb729d
Convert callers of LookupDrawable() to dixLookupDrawable().
2006-12-15 16:36:29 -05:00
Eamon Walsh
25d5e0a629
Convert callers of SecurityLookupWindow() to dixLookupWindow().
2006-12-15 15:50:46 -05:00
Eamon Walsh
04c721854f
Convert callers of LookupWindow() to dixLookupWindow().
2006-12-15 14:19:54 -05:00
Eamon Walsh
00f0705b3b
Remove instances of macros SECURITY_VERIFY_GEOMETRABLE and SECURITY_VERIFY_GC.
2006-12-14 19:15:21 -05:00
Eamon Walsh
5e334f06a1
Remove instances of macros VERIFY_GEOMETRABLE and VERIFY_GC.
2006-12-14 18:27:09 -05:00
Eamon Walsh
51b69ff499
Remove instances of macro SECURITY_VERIFY_DRAWABLE.
2006-12-14 17:53:43 -05:00
Eamon Walsh
0cf75e7432
Remove instances of macros LOOKUP_DRAWABLE and VERIFY_DRAWABLE.
2006-12-14 17:45:11 -05:00
Eamon Walsh
6c46645cfc
Naming change: Security*Access -> Dix*Access
2006-12-14 14:45:42 -05:00
Eamon Walsh
ac90ce58ba
Naming change: Security*Operation -> Xace*Operation
2006-12-01 21:15:41 -05:00
Eamon Walsh
f44f14fe56
Define calls away when not building XACE, allowing ifdef's to be removed.
2006-12-01 21:15:41 -05:00
Daniel Stone
8ba0c7b62c
xace: avoid 'unused variable pScreen'
...
Initialise pScreen explicitly, as REGION_* macros ignore pScreen.
2006-11-08 15:29:16 +02:00
Eamon Walsh
3d39c02fe6
More work on Bug #8875 : revert previous fix and try using client argument
...
instead of serverClient. Also don't use totalClientSize as it is not
initialized until after the first call to InitClient.
2006-11-06 21:25:52 -05:00
Eamon Walsh
75fe0670eb
whitespace adjust
2006-11-06 15:30:25 -05:00
Eamon Walsh
0539d9cf24
Bug #8875 : Security extension causes Xorg to core dump on server reset
2006-11-06 15:29:17 -05:00
Eamon Walsh
49a70c8570
Merge branch 'master' into my-XACE-modular
2006-09-15 15:26:57 -04:00
Eamon Walsh
d1110c5c83
Generalize the handling of configuration files that ship with extensions.
2006-09-08 15:28:48 -04:00
Eamon Walsh
0fba09cdfc
Include dix-config.h.
2006-09-08 15:23:06 -04:00
Eamon Walsh
c93877100e
Don't need to allocate memory now that devPrivates are being used.
2006-09-08 15:21:57 -04:00
Michel Dänzer
f6ce0839ba
Fix #include paths for fontcacheproto headers.
2006-09-06 13:18:02 +02:00
Eamon Walsh
0b81fccd2e
Merge branch 'master' into my-XACE-modular
...
Conflicts:
configure.ac
2006-09-05 18:03:25 -04:00
Matthew Allum
5ddbf4bcd4
Re-add support for tslib (1.0 release) and Xcalibrate extension.
2006-08-29 22:07:15 +01:00
Eamon Walsh
13c6713c82
Add four new XACE hooks: auditing, key event notification, window init
2006-08-25 18:17:01 -04:00
Eamon Walsh
52ba722e4c
Merge branch 'XACE-modular' into my-XACE-modular
2006-08-21 18:49:31 -04:00
Alan Coopersmith
c2535f6792
Merge branch 'master' of git+ssh://git.freedesktop.org/git/xorg/xserver into XACE-modular
2006-08-10 10:37:59 -07:00
Daniel Stone
12dbd8a02f
remove optional R3 backwards compatibility
...
Remove the permitOldBugs flag, which enabled backwards compatbility with
broken R2/R3 era clients.
2006-08-07 23:43:40 +03:00
Eamon Walsh
45c229f526
Remove LBX code.
2006-08-03 14:26:06 -04:00
Eamon Walsh
96e45626c4
Rebase Security extension to use devPrivates for storing security state.
2006-08-02 20:29:59 -04:00
Matthew Allum
02daa6bb10
Improve XRes to;
...
- Better estimate general pixmap memory usage.
- Account for pixmaps shared between clients.
- Account for window background and border pixmaps,
and GC stripple and tile pixmaps.
2006-07-31 17:32:05 +01:00
Daniel Stone
bf2d7499c8
add securitysrv.h
2006-07-30 11:17:02 +03:00