--- libdmx-1.1.2.orig/autogen.sh
+++ libdmx-1.1.2/autogen.sh
@@ -0,0 +1,12 @@
+#! /bin/sh
+
+srcdir=`dirname $0`
+test -z "$srcdir" && srcdir=.
+
+ORIGDIR=`pwd`
+cd $srcdir
+
+autoreconf -v --install || exit 1
+cd $ORIGDIR || exit $?
+
+$srcdir/configure --enable-maintainer-mode "$@"
--- libdmx-1.1.2.orig/configure.ac
+++ libdmx-1.1.2/configure.ac
@@ -43,6 +43,13 @@ # Obtain compiler/linker options for depedencies PKG_CHECK_MODULES(DMX, x11 xext xextproto [dmxproto >= 2.2.99.1]) +# Check for _XEatDataWords function that may be patched into older Xlib releases +SAVE_LIBS="$LIBS" +LIBS="$DMX_LIBS" +AC_CHECK_FUNCS([_XEatDataWords]) +LIBS="$SAVE_LIBS" + + AC_CONFIG_FILES([Makefile src/Makefile man/Makefile
--- libdmx-1.1.2.orig/debian/rules
+++ libdmx-1.1.2/debian/rules
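Review bot: `cd $srcdir` in the new autogen.sh is neither quoted nor checked, unlike the later `cd $ORIGDIR || exit $?` in the same script. If that directory change fails, `autoreconf -v --install` runs in the caller's working directory and writes its generated files there. I would change the line to `cd "$srcdir" || exit $?`, and quote `$0`, `$ORIGDIR` and the final `$srcdir/configure` the same way so that a checkout path containing spaces does not split.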
@@ -0,0 +1,98 @@
+#!/usr/bin/make -f
+# debian/rules for the Debian libdmx package.
+# Copyright © 2004 Scott James Remnant
+# Copyright © 2005 Daniel Stone
+# Copyright © 2005 David Nusinow
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+# set this to the name of the main shlib's binary package
+PACKAGE = libdmx1
+
+CFLAGS = -Wall -g
+ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))
+ CFLAGS += -O0
+else
+ CFLAGS += -O2
+endif
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ MAKEFLAGS += -j$(NUMJOBS)
+endif
+
+DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
+ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE))
+ confflags += --build=$(DEB_HOST_GNU_TYPE)
+else
+ confflags += --build=$(DEB_BUILD_GNU_TYPE) --host=$(DEB_HOST_GNU_TYPE)
+endif
+
+build: build-arch
+build-indep:
+build-arch: build-stamp
+build-stamp:
+ dh_testdir
+ autoreconf -vfi
+ mkdir -p build
+ cd build && \
+ ../configure --prefix=/usr --mandir=\$${prefix}/share/man \
+ --libdir=\$${prefix}/lib/$(DEB_HOST_MULTIARCH) \
+ --infodir=\$${prefix}/share/info $(confflags) \
+ CFLAGS="$(CFLAGS)"
+ cd build && $(MAKE)
+
+ touch build-stamp
+
+clean:
+ dh_testdir
+ rm -f build-stamp
+
+ rm -f config.cache config.log config.status
+ rm -f */config.cache */config.log */config.status
+ rm -f conftest* */conftest*
+ rm -rf autom4te.cache */autom4te.cache
+ rm -rf build
+ rm -f INSTALL aclocal.m4 config.guess config.h.in config.sub configure
+ rm -f depcomp install-sh ltmain.sh missing mkinstalldirs
+ find -name Makefile.in -delete
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ cd build && $(MAKE) DESTDIR=$(CURDIR)/debian/tmp install
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+
+ dh_installdocs
+ dh_install --sourcedir=debian/tmp --fail-missing -X.la
+ dh_installchangelogs
+ dh_link
+ dh_strip --dbg-package=$(PACKAGE)-dbg
+ dh_compress
+ dh_fixperms
+ dh_makeshlibs
+ dh_shlibdeps
+ dh_installdeb
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+# Build architecture-independent files here.
+binary-indep: build install
+# Nothing to do
+
+binary: binary-indep binary-arch
+.PHONY: build build-arch build-indep
+.PHONY: clean binary-indep binary-arch binary install
--- libdmx-1.1.2.orig/debian/control
+++ libdmx-1.1.2/debian/control
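Review bot: `CFLAGS = -Wall -g` plus the `-O0`/`-O2` switch is the only flag set handed to `../configure` in the `build-stamp` recipe, and CPPFLAGS and LDFLAGS are never passed, so the library is compiled without whatever hardening flags the distribution's dpkg-buildflags would supply. This library parses replies from an X server, and the changelog in this same patch records an integer-overflow fix, so compiler and linker hardening is worth having here. I would seed the variable with `CFLAGS = $(shell dpkg-buildflags --get CFLAGS) -Wall` and add `CPPFLAGS="$(shell dpkg-buildflags --get CPPFLAGS)" LDFLAGS="$(shell dpkg-buildflags --get LDFLAGS)"` to the configure line. dpkg-buildflags already honours `noopt` in DEB_BUILD_OPTIONS, so the manual optimisation switch could then be dropped.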
@@ -0,0 +1,105 @@
+Source: libdmx
+Section: x11
+Priority: optional
+Maintainer: Debian X Strike Force
+Uploaders: Cyril Brulebois
+Build-Depends:
+ libx11-dev (>= 1:0.99.2),
+ x11proto-dmx-dev (>= 1:2.2.99.1),
+ libxext-dev (>= 1:0.99.1),
+ automake,
+ libtool,
+ xutils-dev (>= 1:7.5+4),
+ pkg-config,
+# DEB_HOST_MULTIARCH
+ dpkg-dev (>= 1.16),
+# misc:Pre-Depends
+ debhelper (>= 8.1.3),
+Standards-Version: 3.9.3
+Vcs-Git: git://git.debian.org/git/pkg-xorg/lib/libdmx
+Vcs-Browser: http://git.debian.org/?p=pkg-xorg/lib/libdmx.git
+
+Package: libdmx1
+Section: libs
+Architecture: any
+Multi-Arch: same
+Pre-Depends:
+ ${misc:Pre-Depends},
+Depends:
+ ${shlibs:Depends},
+ ${misc:Depends},
+Description: X11 Distributed Multihead extension library
+ libdmx is an interface to the DMX extension for X, which allows a single
+ server to be set up as a proxy spanning multiple servers -- not unlike
+ Xinerama across discrete physical machines. It can be reconfigured
+ on the fly to change the layout, and it is presented as a single logical
+ display to clients.
+ .
+ libdmx allows clients to configure the layout of DMX servers by adding
+ and removing screens, input devices, et al.
+ .
+ More information about X.Org can be found at:
+
+ .
+ This module can be found at
+ git://anongit.freedesktop.org/git/xorg/lib/libdmx
+
+Package: libdmx1-dbg
+Section: debug
+Architecture: any
+Priority: extra
+Multi-Arch: same
+Pre-Depends:
+ ${misc:Pre-Depends},
+Depends:
+ ${shlibs:Depends},
+ ${misc:Depends},
+ libdmx1 (= ${binary:Version}),
+Description: X11 Distributed Multihead library (debug package)
+ libdmx is an interface to the DMX extension for X, which allows a single
+ server to be set up as a proxy spanning multiple servers -- not unlike
+ Xinerama across discrete physical machines. It can be reconfigured
+ on the fly to change the layout, and it is presented as a single logical
+ display to clients.
+ .
+ libdmx allows clients to configure the layout of DMX servers by adding
+ and removing screens, input devices, et al.
+ .
+ This package contains the debug versions of the library found in libdmx1.
+ Non-developers likely have little use for this package.
+ .
+ More information about X.Org can be found at:
+
+ .
+ This module can be found at
+ git://anongit.freedesktop.org/git/xorg/lib/libdmx
+
+Package: libdmx-dev
+Section: libdevel
+Architecture: any
+Multi-Arch: same
+Depends:
+ ${shlibs:Depends},
+ ${misc:Depends},
+ libdmx1 (= ${binary:Version}),
+ libx11-dev,
+ x11proto-dmx-dev,
+Replaces: x11proto-dmx-dev (<< 1:2.2.99.1)
+Description: X11 Distributed Multihead extension library (development headers)
+ libdmx is an interface to the DMX extension for X, which allows a single
+ server to be set up as a proxy spanning multiple servers -- not unlike
+ Xinerama across discrete physical machines. It can be reconfigured
+ on the fly to change the layout, and it is presented as a single logical
+ display to clients.
+ .
+ libdmx allows clients to configure the layout of DMX servers by adding
+ and removing screens, input devices, et al.
+ .
+ This package contains the development headers for the library found in
+ libdmx1. Non-developers likely have little use for this package.
+ .
+ More information about X.Org can be found at:
+
+ .
+ This module can be found at
+ git://anongit.freedesktop.org/git/xorg/lib/libdmx
--- libdmx-1.1.2.orig/debian/libdmx-dev.install
+++ libdmx-1.1.2/debian/libdmx-dev.install
@@ -0,0 +1,5 @@
+usr/share/man/*
+usr/lib/*/libdmx.a
+usr/lib/*/libdmx.so
+usr/lib/*/pkgconfig/dmx.pc
+usr/include
--- libdmx-1.1.2.orig/debian/watch
+++ libdmx-1.1.2/debian/watch
@@ -0,0 +1,3 @@
+#git=git://anongit.freedesktop.org/xorg/lib/libdmx
+version=3
+http://xorg.freedesktop.org/releases/individual/lib/ libdmx-(.*)\.tar\.gz
--- libdmx-1.1.2.orig/debian/copyright
+++ libdmx-1.1.2/debian/copyright
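Review bot: The new debian/watch entry fetches the upstream tarball over plain `http://` and gives uscan no signature to verify, so nothing in the packaging checks that a downloaded `libdmx-(.*)\.tar\.gz` is the one upstream released. If upstream publishes detached signatures next to the tarballs, adding `opts=pgpsigurlmangle=s/$/.sig/` in front of the URL and shipping the release key as `debian/upstream/signing-key.asc` would let uscan verify each download. Switching the URL to `https://` is also worth doing if the host serves it.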
@@ -0,0 +1,27 @@
+This package was downloaded from
+http://xorg.freedesktop.org/releases/individual/lib/
+
+Copyright 2002-2004 Red Hat Inc., Durham, North Carolina.
+
+All Rights Reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation on the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of the Software,
+and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice (including the
+next paragraph) shall be included in all copies or substantial
+portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NON-INFRINGEMENT. IN NO EVENT SHALL RED HAT AND/OR THEIR SUPPLIERS
+BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- libdmx-1.1.2.orig/debian/README.source
+++ libdmx-1.1.2/debian/README.source
@@ -0,0 +1,73 @@
+------------------------------------------------------
+Quick Guide To Patching This Package For The Impatient
+------------------------------------------------------
+
+1. Make sure you have quilt installed
+2. Unpack the package as usual with "dpkg-source -x"
+3. Run the "patch" target in debian/rules
+4. Create a new patch with "quilt new" (see quilt(1))
+5. Edit all the files you want to include in the patch with "quilt edit"
+ (see quilt(1)).
+6. Write the patch with "quilt refresh" (see quilt(1))
+7. Run the "clean" target in debian/rules
+
+Alternatively, instead of using quilt directly, you can drop the patch in to
+debian/patches and add the name of the patch to debian/patches/series.
+
+------------------------------------
+Guide To The X Strike Force Packages
+------------------------------------
+
+The X Strike Force team maintains X packages in git repositories on
+git.debian.org in the pkg-xorg subdirectory. Most upstream packages
+are actually maintained in git repositories as well, so they often
+just need to be pulled into git.debian.org in a "upstream-*" branch.
+Otherwise, the upstream sources are manually installed in the Debian
+git repository.
+
+The .orig.tar.gz upstream source file could be generated this
+"upstream-*" branch in the Debian git repository but it is actually
+copied from upstream tarballs directly.
+
+Due to X.org being highly modular, packaging all X.org applications
+as their own independent packages would have created too many Debian
+packages. For this reason, some X.org applications have been grouped
+into larger packages: xutils, xutils-dev, x11-apps, x11-session-utils,
+x11-utils, x11-xfs-utils, x11-xkb-utils, x11-xserver-utils.
+Most packages, including the X.org server itself and all libraries
+and drivers are, however maintained independently.
+
+The Debian packaging is added by creating the "debian-*" git branch
+which contains the aforementioned "upstream-*" branch plus the debian/
+repository files.
+When a patch has to be applied to the Debian package, two solutions
+are involved:
+* If the patch is available in one of the upstream branches, it
+ may be git'cherry-picked into the Debian repository. In this
+ case, it appears directly in the .diff.gz.
+* Otherwise, the patch is added to debian/patches/ which is managed
+ with quilt as documented in /usr/share/doc/quilt/README.source.
+
+quilt is actually invoked by the Debian X packaging through a larger
+set of scripts called XSFBS. XSFBS brings some other X specific
+features such as managing dependencies and conflicts due to the video
+and input driver ABIs.
+XSFBS itself is maintained in a separate repository at
+ git://git.debian.org/pkg-xorg/xsfbs.git
+and it is pulled inside the other Debian X repositories when needed.
+
+The XSFBS patching system requires a build dependency on quilt. Also
+a dependency on $(STAMP_DIR)/patch has to be added to debian/rules
+so that the XSFBS patching occurs before the actual build. So the
+very first target of the build (likely the one running autoreconf)
+should depend on $(STAMP_DIR)/patch. It should also not depend on
+anything so that parallel builds are correctly supported (nothing
+should probably run while patching is being done). And finally, the
+clean target should depend on the xsfclean target so that patches
+are unapplied on clean.
+
+When the upstream sources contain some DFSG-nonfree files, they are
+listed in text files in debian/prune/ in the "debian-*" branch of
+the Debian repository. XSFBS' scripts then take care of removing
+these listed files during the build so as to generate a modified
+DFSG-free .orig.tar.gz tarball.
--- libdmx-1.1.2.orig/debian/changelog
+++ libdmx-1.1.2/debian/changelog
@@ -0,0 +1,141 @@
+libdmx (1:1.1.2-1+deb7u1) wheezy-security; urgency=high
+
+ * integer overflows calculating memory needs for replies [CVE-2013-1992]
+
+ -- Julien Cristau Wed, 15 May 2013 20:12:21 +0200
+
+libdmx (1:1.1.2-1) unstable; urgency=low
+
+ [ Robert Hooker ]
+ * New upstream release.
+
+ [ Julien Cristau ]
+ * Remove debian/xsfbs/, it's not used in this package anymore.
+ * Build for multiarch.
+ * Don't require fakeroot for debian/rules clean.
+ * Use dh_install --fail-missing and ignore the .la file.
+ * Add build-arch and build-indep debian/rules targets.
+ * Remove David Nusinow from Uploaders.
+ * Bump Standards-Version to 3.9.3.
+
+ -- Julien Cristau Sun, 25 Mar 2012 16:15:13 +0200
+
+libdmx (1:1.1.1-1) unstable; urgency=low
+
+ [ Julien Cristau ]
+ * Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
+ good reason. Thanks, Colin Watson!
+ * Remove myself from Uploaders
+
+ [ Cyril Brulebois ]
+ * New upstream release.
+ * Bump xutils-dev build-dep for new macros.
+ * Add myself to Uploaders.
+
+ -- Cyril Brulebois Sat, 06 Nov 2010 10:51:38 +0100
+
+libdmx (1:1.1.0-2) unstable; urgency=low
+
+ * Upload to unstable.
+
+ -- Julien Cristau Wed, 06 Jan 2010 13:02:42 +0000
+
+libdmx (1:1.1.0-1) experimental; urgency=low
+
+ [ Timo Aaltonen ]
+ * New upstream release.
+ * Bump the build-dep on xutils-dev (>= 1:7.5~1).
+
+ -- Julien Cristau Sat, 28 Nov 2009 16:07:39 +0100
+
+libdmx (1:1.0.99.1-1) experimental; urgency=low
+
+ [ Brice Goglin ]
+ * Add upstream URL to debian/copyright.
+ * Add a link to www.X.org and a reference to the upstream module
+ in the long description.
+
+ [ Julien Cristau ]
+ * New upstream release candidate.
+ * dmxext.h has moved here from dmxproto; add build-dep on new proto, add
+ Replaces to libdmx-dev.
+ * Run autoreconf at build time.
+ * Parse space-separated DEB_BUILD_OPTIONS, handle parallel=N.
+ * Move libdmx1-dbg to new 'debug' section.
+ * Drop Pre-Depends on x11-common which was necessary for upgrades from
+ sarge.
+ * Bump Standards-Version to 3.8.3.
+
+ -- Julien Cristau Sat, 05 Sep 2009 17:21:33 +0200
+
+libdmx (1:1.0.2-3) unstable; urgency=low
+
+ * Remove outdated cvs information from the package descriptions, and add
+ Vcs-* headers.
+ * Drop pre-dependency on x11-common from libdmx1, it's not needed.
+ * Remove Branden and Fabio from Uploaders with their permission.
+ * Don't build-depend on packages with a -1 debian revision.
+ * Bump Standards-Version to 3.7.3.
+ * Use ${binary:Version} instead of ${Source-Version} in dependencies.
+ * Add correct Section control fields for binary packages.
+ * libdmx1-dbg doesn't need a dependency on x11-common.
+ * Add myself to Uploaders.
+ * autoreconf with recent autotools to get updated config.{guess,sub}.
+
+ -- Julien Cristau Sun, 11 May 2008 14:06:24 +0200
+
+libdmx (1:1.0.2-2) unstable; urgency=low
+
+ [ Andres Salomon ]
+ * Test for obj-$(DEB_BUILD_GNU_TYPE) before creating it during build;
+ idempotency fix.
+
+ [ Drew Parsons ]
+ * dbg package has priority extra.
+
+ -- David Nusinow Tue, 29 Aug 2006 20:23:24 +0000
+
+libdmx (1:1.0.2-1) experimental; urgency=low
+
+ * New upstream release
+ * Bump debhelper compat to 5
+ * Remove extra dependency on x11-common in -dev package
+ * Bump standards version to 3.7.2.0
+ * Run dh_install with --list-missing
+ * Don't try and install header files for -dev package anymore, they're not
+ there
+
+ -- David Nusinow Mon, 3 Jul 2006 16:08:36 -0400
+
+libdmx (1:1.0.1-3) unstable; urgency=low
+
+ * Version pre-depends on x11-common properly. Thanks Josh Triplett.
+ (closes: #362877)
+ * Reorder makeshlib command in rules file so that ldconfig is run
+ properly. Thanks Drew Parsons and Steve Langasek.
+
+ -- David Nusinow Tue, 18 Apr 2006 21:54:54 -0400
+
+libdmx (1:1.0.1-2) unstable; urgency=low
+
+ * Upload to unstable
+
+ -- David Nusinow Thu, 23 Mar 2006 22:44:19 -0500
+
+libdmx (1:1.0.1-1) experimental; urgency=low
+
+ * First upload to Debian
+
+ -- David Nusinow Thu, 29 Dec 2005 20:46:13 -0500
+
+libdmx (7.0.0-2) breezy; urgency=low
+
+ * Bump libx11-dev and libxext-dev Build-Depends to avoid _XOPEN_SOURCE.
+
+ -- Daniel Stone Sat, 23 Jul 2005 00:27:06 +1000
+
+libdmx (7.0.0-1) breezy; urgency=low
+
+ * First libdmx release.
+
+ -- Daniel Stone Mon, 16 May 2005 22:10:17 +1000
--- libdmx-1.1.2.orig/debian/compat
+++ libdmx-1.1.2/debian/compat
@@ -0,0 +1 @@
+5
--- libdmx-1.1.2.orig/debian/libdmx1.install
+++ libdmx-1.1.2/debian/libdmx1.install
@@ -0,0 +1 @@
+usr/lib/*/libdmx.so.1*
--- libdmx-1.1.2.orig/src/dmx.c
+++ libdmx-1.1.2/src/dmx.c
@@ -38,12 +38,16 @@ * can be included in client applications by linking with the libdmx.a * library. */ +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif #include #include #define EXTENSION_PROC_ARGS void * #include #include #include +#include static XExtensionInfo dmx_extension_info_data; static XExtensionInfo *dmx_extension_info = &dmx_extension_info_data;
@@ -82,6 +86,19 @@ static XEXT_GENERATE_CLOSE_DISPLAY(close_display, dmx_extension_info) +#ifndef HAVE__XEATDATAWORDS +#include /* for LONG64 on 64-bit platforms */ + +static inline void _XEatDataWords(Display *dpy, unsigned long n) +{ +# ifndef LONG64 + if (n >= (ULONG_MAX >> 2)) + _XIOError(dpy); +# endif + _XEatData (dpy, n << 2); +} +#endif + /***************************************************************************** * *
@@ -233,6 +250,7 @@ XExtDisplayInfo *info = find_display(dpy); xDMXGetScreenAttributesReply rep; xDMXGetScreenAttributesReq *req; + Bool ret = False; DMXCheckExtension(dpy, info, False);
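Review bot: The fallback `_XEatDataWords` added in the `@@ -82,6 +86,19 @@` hunk has no comment stating its units or why the guard is conditional. `n` is a count of 4-byte words, since it is shifted left by 2 before `_XEatData`, and the `ULONG_MAX >> 2` test is compiled only when `LONG64` is undefined, presumably because the shift cannot overflow a 64-bit `unsigned long` for the reply lengths passed in. I would add above the function `/* Fallback for Xlib without _XEatDataWords: discard n 4-byte words of reply data, refusing counts whose byte size would overflow unsigned long. */`. The shift is still executed after the check, so the code appears to rely on `_XIOError` not returning; that deserves a word in the comment too.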
@@ -247,7 +265,15 @@ SyncHandle(); return False; } - attr->displayName = Xmalloc(rep.displayNameLength + 1 + 4 /* for pad */); + + if (rep.displayNameLength < 1024) + attr->displayName = Xmalloc(rep.displayNameLength + 1 + 4 /* for pad */); + else + attr->displayName = NULL; /* name length is unbelievable, reject */ + if (attr->displayName == NULL) { + _XEatDataWords(dpy, rep.length); + goto end; + } _XReadPad(dpy, attr->displayName, rep.displayNameLength); attr->displayName[rep.displayNameLength] = '\0'; attr->logicalScreen = rep.logicalScreen; @@ -263,9 +289,13 @@ attr->rootWindowYoffset = rep.rootWindowYoffset; attr->rootWindowXorigin = rep.rootWindowXorigin; attr->rootWindowYorigin = rep.rootWindowYorigin; + + ret = True; + + end: UnlockDisplay(dpy); SyncHandle(); - return True; + return ret; } static CARD32 _DMXGetScreenAttribute(int bit, DMXScreenAttributes *attr) @@ -494,6 +524,7 @@ CARD32 *windows; /* Must match protocol size */ XRectangle *pos; /* Must match protocol size */ XRectangle *vis; /* Must match protocol size */ + Bool ret = False; DMXCheckExtension(dpy, info, False); 
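Review bot: The new bound `rep.displayNameLength < 1024` in the `@@ -247,7 +265,15 @@` hunk caps the allocation but never compares the claimed name length with `rep.length`, so a reply whose name length exceeds the data it actually carries still makes `_XReadPad` consume bytes that belong to whatever follows on the connection. Rejecting that case on the same path would close it, e.g. `if (rep.displayNameLength < 1024 && ((rep.displayNameLength + 3) >> 2) <= rep.length)`. The same gap is in the `rep.screenCount < 65536` check (hunk `@@ -508,11 +539,30 @@`) and the `rep.nameLength < 1024` check (hunk `@@ -685,6 +738,16 @@`). The `_XReply` call is outside these hunks, so whether part of `rep.length` has already been read there cannot be confirmed from here; if it has, the `_XEatDataWords(dpy, rep.length)` calls on the reject paths would discard too much.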
@@ -508,11 +539,30 @@ return False; } - /* FIXME: check for NULL? */ - screens = Xmalloc(rep.screenCount * sizeof(*screens)); - windows = Xmalloc(rep.screenCount * sizeof(*windows)); - pos = Xmalloc(rep.screenCount * sizeof(*pos)); - vis = Xmalloc(rep.screenCount * sizeof(*vis)); + /* + * rep.screenCount is a CARD32 so could be as large as 2^32 + * The X11 protocol limits the total screen size to 64k x 64k, + * and no screen can be smaller than a pixel. While technically + * that means we could theoretically reach 2^32 screens, and that's + * not even taking overlap into account, 64k seems far larger than + * any reasonable configuration, so we limit to that to prevent both + * integer overflow in the size calculations, and bad X server + * responses causing massive memory allocation. + */ + if (rep.screenCount < 65536) { + screens = Xmalloc(rep.screenCount * sizeof(*screens)); + windows = Xmalloc(rep.screenCount * sizeof(*windows)); + pos = Xmalloc(rep.screenCount * sizeof(*pos)); + vis = Xmalloc(rep.screenCount * sizeof(*vis)); + } else { + screens = windows = NULL; + pos = vis = NULL; + } + + if (!screens || !windows || !pos || !vis) { + _XEatDataWords(dpy, rep.length); + goto end; + } _XRead(dpy, (char *)screens, rep.screenCount * sizeof(*screens)); _XRead(dpy, (char *)windows, rep.screenCount * sizeof(*windows)); @@ -528,7 +578,9 @@ inf->pos = pos[current]; inf->vis = vis[current]; } + ret = True; + end: Xfree(vis); Xfree(pos); Xfree(windows); @@ -536,7 +588,7 @@ UnlockDisplay(dpy); SyncHandle(); - return True; + return ret; } /** If the DMXGetDesktopAttributes protocol request returns information @@ -671,6 +723,7 @@ xDMXGetInputAttributesReply rep; xDMXGetInputAttributesReq *req; char *buffer; + Bool ret = False; DMXCheckExtension(dpy, info, False); 
@@ -685,6 +738,16 @@ return False; } + if (rep.nameLength < 1024) + buffer = Xmalloc(rep.nameLength + 1 + 4 /* for pad */); + else + buffer = NULL; /* name length is unbelievable, reject */ + + if (buffer == NULL) { + _XEatDataWords(dpy, rep.length); + goto end; + } + switch (rep.inputType) { case 0: inf->inputType = DMXLocalInputType; break; case 1: inf->inputType = DMXConsoleInputType; break; @@ -696,13 +759,14 @@ inf->isCore = rep.isCore; inf->sendsCore = rep.sendsCore; inf->detached = rep.detached; - buffer = Xmalloc(rep.nameLength + 1 + 4 /* for pad */); _XReadPad(dpy, buffer, rep.nameLength); buffer[rep.nameLength] = '\0'; inf->name = buffer; + ret = True; + end: UnlockDisplay(dpy); SyncHandle(); - return True; + return ret; } /** Add input. */
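Review bot: On the new reject path in the `@@ -685,6 +738,16 @@` hunk, `inf->name` is left untouched when `buffer` is NULL, whereas the display-name path earlier in this patch leaves `attr->displayName` set to NULL before bailing out. A caller that ignores the new False return and then prints or frees `inf->name` would be working with whatever the structure held before the call. Adding `inf->name = NULL;` before `goto end;` would make the two functions agree. The function's opening lines are outside the hunk, so any earlier initialisation of `inf` cannot be seen from here.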