xserver-multidpi/hw/xquartz
Jeremy Huddleston Sequoia 3db7e332d3 XQuartz: Make sure that darwin_all_modifier_mask_additions is 0-terminated
Found by ASan

X.Org X Server 1.17.99.901 Build Date: 20151018
================================================================
==40471==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000101fed7a4 at pc 0x000101584030 bp 0x70000029f920 sp 0x70000029f918
READ of size 4 at 0x000101fed7a4 thread T7
    #0 0x10158402f in DarwinEQInit darwinEvents.c:377
    #1 0x10157f3bc in InitInput darwin.c:566
    #2 0x101be87ad in dix_main main.c:268
    #3 0x10159131b in server_thread quartzStartup.c:66
    #4 0x7fff8a535c12 in _pthread_body (/usr/lib/system/libsystem_pthread.dylib+0x3c12)
    #5 0x7fff8a535b8f in _pthread_start (/usr/lib/system/libsystem_pthread.dylib+0x3b8f)
    #6 0x7fff8a533374 in thread_start (/usr/lib/system/libsystem_pthread.dylib+0x1374)

0x000101fed7a4 is located 0 bytes to the right of global variable 'darwin_all_modifier_mask_additions' defined in 'darwinEvents.c:181:12' (0x101fed7a0) of size 4
SUMMARY: AddressSanitizer: global-buffer-overflow darwinEvents.c:377 DarwinEQInit
Shadow bytes around the buggy address:
  0x1000203fdaa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000203fdab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000203fdac0: f9 f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
  0x1000203fdad0: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 00 00 00 00
  0x1000203fdae0: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00 00 f9 f9 f9
=>0x1000203fdaf0: f9 f9 f9 f9[04]f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x1000203fdb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000203fdb10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000203fdb20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000203fdb30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1000203fdb40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
Thread T7 created by T0 here:
    #0 0x10242ee99 in wrap_pthread_create (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.0/lib/darwin/libclang_rt.asan_osx_dynamic.dylib+0x37e99)
    #1 0x101591089 in create_thread quartzStartup.c:78
    #2 0x101590ed9 in QuartzInitServer quartzStartup.c:95
    #3 0x1015697eb in X11ApplicationMain X11Application.m:1277
    #4 0x101575dc0 in X11ControllerMain X11Controller.m:984
    #5 0x10159171a in server_main quartzStartup.c:127
    #6 0x101540fc0 in do_start_x11_server bundle-main.c:436
    #7 0x101544869 in _Xstart_x11_server mach_startupServer.c:189
    #8 0x101545c96 in mach_startup_server mach_startupServer.c:398
    #9 0x7fff8d1b70f3 in mach_msg_server (/usr/lib/system/libsystem_kernel.dylib+0x110f3)
    #10 0x1015416e7 in main bundle-main.c:774
    #11 0x7fff8bd975ac in start (/usr/lib/system/libdyld.dylib+0x35ac)
    #12 0x0  (<unknown module>)

Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
2015-10-19 09:05:54 -07:00
bundle XQuartz: Remove InfoPlist.strings 2015-10-13 14:19:05 -07:00
GL XQuartz: GLX: Use __glXEnableExtension to build extensions list 2015-06-09 23:05:22 -07:00
mach-startup XQuartz: Silence a clang static analysis warning about a possible memory leak on exit 2014-01-12 23:12:48 -08:00
man XQuartz: Add a scroll_in_device_direction preference 2011-07-19 20:00:27 -07:00
pbproxy XQuartz: pbproxy: Fix build with -DDEBUG 2013-09-16 07:06:57 -07:00
xpr cursor: drop ARGB_CURSOR 2015-06-30 12:17:51 +10:00
applewm.c XQuartz: Avoid passing uninitialized pointers to X11ApplicationSetWindowMenu in AppleWMSetWindowMenu 2014-01-12 23:12:49 -08:00
applewmExt.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
console_redirect.c XQuartz: console_redirect: Properly zero-out the tail of the array on realloc() 2012-08-16 19:44:00 -07:00
console_redirect.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
darwin.c Drop trailing whitespaces 2014-11-12 10:25:00 +10:00
darwin.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
darwinEvents.c XQuartz: Make sure that darwin_all_modifier_mask_additions is 0-terminated 2015-10-19 09:05:54 -07:00
darwinEvents.h XQuartz: darwinPointer now sends both absolute and relative motion 2012-04-23 20:20:42 -07:00
darwinfb.h XQuartz: Fix darwinfb.h header guard 2014-01-12 23:12:48 -08:00
darwinXinput.c XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
keysym2ucs.c XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
keysym2ucs.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
Makefile.am Build fbcmap_mi.c once, rather than once for each DDX 2014-03-27 14:34:06 +00:00
quartz.c dix: Restore PaintWindow screen hook 2015-07-08 16:41:28 -04:00
quartz.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
quartzCocoa.m XQuartz: pointer -> void * 2014-02-14 00:33:38 -08:00
quartzCommon.h Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
quartzKeyboard.c XQuartz: Silence -Wunused-function 2015-06-09 23:42:03 -07:00
quartzKeyboard.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
quartzRandR.c XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
quartzRandR.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
quartzStartup.c XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
sanitizedCarbon.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
sanitizedCocoa.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
X11Application.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
X11Application.m XQuartz: Fix how we calculate the height of the OSX menu bar 2015-10-13 14:19:05 -07:00
X11Controller.h XQuartz: Source formatting cleanup 2012-03-24 01:07:06 -07:00
X11Controller.m XQuartz: Silence -Wformat-security for NSRunAlertPanel 2015-06-09 23:42:03 -07:00