--- libxfont-1.4.1.orig/ChangeLog +++ libxfont-1.4.1/ChangeLog @@ -451,7 +451,7 @@ Kill unused macro definition. commit 3c3b47bf6f080ddb700886de3e5bfa42c2f0774e -Merge: 9f86614... 32d2d33... +Merge: 9f86614 32d2d33 Author: Dodji Seketeli Date: Sat Aug 11 23:09:50 2007 +0200 @@ -623,7 +623,7 @@ Version bump: 1.2.8 commit 224fb6403a328e70b370540cc5cefd74421fafac -Merge: e7a59cf... 0fbb37c... +Merge: e7a59cf 0fbb37c Author: Matthieu Herrb Date: Tue Apr 3 16:05:48 2007 +0200 @@ -751,7 +751,7 @@ --disable-builtins should not force off all bitmap support commit 264df52d24f585915e0d9823d5f087cf23e3fc75 -Merge: 0fb55cb... d896c3e... +Merge: 0fb55cb d896c3e Author: Alan Coopersmith Date: Fri Sep 22 11:36:43 2006 -0700 --- libxfont-1.4.1.orig/autogen.sh +++ libxfont-1.4.1/autogen.sh @@ -0,0 +1,12 @@ +#! /bin/sh + +srcdir=`dirname $0` +test -z "$srcdir" && srcdir=. + +ORIGDIR=`pwd` +cd $srcdir + +autoreconf -v --install || exit 1 +cd $ORIGDIR || exit $? + +$srcdir/configure --enable-maintainer-mode "$@" --- libxfont-1.4.1.orig/debian/libxfont1.install +++ libxfont-1.4.1/debian/libxfont1.install @@ -0,0 +1,2 @@ +usr/lib/libXfont.so.1* + --- libxfont-1.4.1.orig/debian/control +++ libxfont-1.4.1/debian/control 
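Review bot: The new autogen.sh expands `$0`, `$srcdir` and `$ORIGDIR` unquoted, so a checkout path containing spaces or glob characters makes `cd $srcdir` and `$srcdir/configure` act on the wrong words. Quoting them avoids that: `srcdir=$(dirname "$0")`, `cd "$srcdir" || exit $?`, `"$srcdir/configure" --enable-maintainer-mode "$@"`. `cd $srcdir` is also the only step without an `|| exit`, so if it fails, `autoreconf -v --install` runs in whatever directory the caller happened to be in.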
@@ -0,0 +1,85 @@
+Source: libxfont
+Section: x11
+Priority: optional
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Debian X Strike Force
+Uploaders: David Nusinow , Drew Parsons , Julien Cristau
+Build-Depends:
+ debhelper (>= 5),
+ pkg-config,
+ libfontenc-dev,
+ x11proto-core-dev,
+ xtrans-dev,
+ x11proto-fonts-dev,
+ libfreetype6-dev,
+ zlib1g-dev,
+ libbz2-dev,
+ quilt,
+ xutils-dev (>= 1:7.5~1),
+ autoconf,
+ automake,
+ libtool,
+# devel-docs
+ xmlto,
+ lynx,
+Standards-Version: 3.8.3
+Vcs-Git: git://git.debian.org/git/pkg-xorg/lib/libxfont
+Vcs-Browser: http://git.debian.org/?p=pkg-xorg/lib/libxfont.git
+
+Package: libxfont1
+Section: libs
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Conflicts: xprint (< 2:1.6.0-1)
+Description: X11 font rasterisation library
+ libXfont provides various services for X servers, most notably font
+ selection and rasterisation (through external libraries).
+ .
+ More information about X.Org can be found at:
+
+
+
+ .
+ This module can be found at
+ git://anongit.freedesktop.org/git/xorg/lib/libXfont
+
+Package: libxfont1-dbg
+Section: debug
+Architecture: any
+Priority: extra
+Depends: ${shlibs:Depends}, ${misc:Depends}, libxfont1 (= ${binary:Version})
+Description: X11 font rasterisation library (debug package)
+ libXfont provides various services for X servers, most notably font
+ selection and rasterisation (through external libraries).
+ .
+ This package contains the debug versions of the library found in libxfont1.
+ Non-developers likely have little use for this package.
+ .
+ More information about X.Org can be found at:
+
+
+
+ .
+ This module can be found at
+ git://anongit.freedesktop.org/git/xorg/lib/libXfont
+
+Package: libxfont-dev
+Section: libdevel
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, libxfont1 (= ${binary:Version}), libx11-dev, x11proto-core-dev, x11proto-fonts-dev, libfreetype6-dev, libfontenc-dev (>= 1:1.0.1-1)
+Pre-Depends: x11-common (>= 1:7.0.0)
+Replaces: xlibs-static-dev (<< 6.8.2-51)
+Description: X11 font rasterisation library (development headers)
+ libXfont provides various services for X servers, most notably font
+ selection and rasterisation (through external libraries).
+ .
+ This package contains the development headers for the library found in
+ libxfont1. Non-developers likely have little use for this package.
+ .
+ More information about X.Org can be found at:
+
+
+
+ .
+ This module can be found at
+ git://anongit.freedesktop.org/git/xorg/lib/libXfont
--- libxfont-1.4.1.orig/debian/README.source
+++ libxfont-1.4.1/debian/README.source
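Review bot: `Vcs-Git` in debian/control points at `git://git.debian.org/git/pkg-xorg/lib/libxfont`, and the git:// transport is neither encrypted nor authenticated, so anyone fetching the packaging branch through this field has no assurance about what they receive. `Vcs-Browser` is plain http:// as well. If the host serves the repository over https, that URL would be the better value for both fields. As far as this diff shows, these fields are informational and do not feed the build, so this is a hygiene point rather than a build-time risk.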
@@ -0,0 +1,73 @@
+------------------------------------------------------
+Quick Guide To Patching This Package For The Impatient
+------------------------------------------------------
+
+1. Make sure you have quilt installed
+2. Unpack the package as usual with "dpkg-source -x"
+3. Run the "patch" target in debian/rules
+4. Create a new patch with "quilt new" (see quilt(1))
+5. Edit all the files you want to include in the patch with "quilt edit"
+ (see quilt(1)).
+6. Write the patch with "quilt refresh" (see quilt(1))
+7. Run the "clean" target in debian/rules
+
+Alternatively, instead of using quilt directly, you can drop the patch in to
+debian/patches and add the name of the patch to debian/patches/series.
+
+------------------------------------
+Guide To The X Strike Force Packages
+------------------------------------
+
+The X Strike Force team maintains X packages in git repositories on
+git.debian.org in the pkg-xorg subdirectory. Most upstream packages
+are actually maintained in git repositories as well, so they often
+just need to be pulled into git.debian.org in a "upstream-*" branch.
+Otherwise, the upstream sources are manually installed in the Debian
+git repository.
+
+The .orig.tar.gz upstream source file could be generated this
+"upstream-*" branch in the Debian git repository but it is actually
+copied from upstream tarballs directly.
+
+Due to X.org being highly modular, packaging all X.org applications
+as their own independent packages would have created too many Debian
+packages. For this reason, some X.org applications have been grouped
+into larger packages: xutils, xutils-dev, x11-apps, x11-session-utils,
+x11-utils, x11-xfs-utils, x11-xkb-utils, x11-xserver-utils.
+Most packages, including the X.org server itself and all libraries
+and drivers are, however maintained independently.
+
+The Debian packaging is added by creating the "debian-*" git branch
+which contains the aforementioned "upstream-*" branch plus the debian/
+repository files.
+When a patch has to be applied to the Debian package, two solutions
+are involved:
+* If the patch is available in one of the upstream branches, it
+ may be git'cherry-picked into the Debian repository. In this
+ case, it appears directly in the .diff.gz.
+* Otherwise, the patch is added to debian/patches/ which is managed
+ with quilt as documented in /usr/share/doc/quilt/README.source.
+
+quilt is actually invoked by the Debian X packaging through a larger
+set of scripts called XSFBS. XSFBS brings some other X specific
+features such as managing dependencies and conflicts due to the video
+and input driver ABIs.
+XSFBS itself is maintained in a separate repository at
+ git://git.debian.org/pkg-xorg/xsfbs.git
+and it is pulled inside the other Debian X repositories when needed.
+
+The XSFBS patching system requires a build dependency on quilt. Also
+a dependency on $(STAMP_DIR)/patch has to be added to debian/rules
+so that the XSFBS patching occurs before the actual build. So the
+very first target of the build (likely the one running autoreconf)
+should depend on $(STAMP_DIR)/patch. It should also not depend on
+anything so that parallel builds are correctly supported (nothing
+should probably run while patching is being done). And finally, the
+clean target should depend on the xsfclean target so that patches
+are unapplied on clean.
+
+When the upstream sources contain some DFSG-nonfree files, they are
+listed in text files in debian/prune/ in the "debian-*" branch of
+the Debian repository. XSFBS' scripts then take care of removing
+these listed files during the build so as to generate a modified
+DFSG-free .orig.tar.gz tarball.
--- libxfont-1.4.1.orig/debian/changelog
+++ libxfont-1.4.1/debian/changelog
@@ -0,0 +1,271 @@
+libxfont (1:1.4.1-1ubuntu0.4) lucid-security; urgency=medium
+
+ * SECURITY UPDATE: arbitrary code exection via invalid property count
+ - debian/patches/CVE-2015-1802.patch: check for integer overflow in
+ src/bitmap/bdfread.c.
+ - CVE-2015-1802
+ * SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
+ - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read
+ in src/bitmap/bdfread.c.
+ - CVE-2015-1803
+ * SECURITY UPDATE: arbitrary code execution via invalid metrics
+ - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in
+ src/bitmap/bdfread.c.
+ - CVE-2015-1804
+
+ -- Marc Deslauriers Wed, 18 Mar 2015 07:33:52 -0400
+
+libxfont (1:1.4.1-1ubuntu0.3) lucid-security; urgency=medium
+
+ * SECURITY UPDATE: denial of service and possible code execution via
+ font metadata file parsing
+ - debian/patches/CVE-2014-0209.patch: check for overflows in
+ src/fontfile/dirfile.c, src/fontfile/fontdir.c.
+ - CVE-2014-0209
+ * SECURITY UPDATE: denial of service and possible code execution via
+ xfs font server replies
+ - debian/patches/CVE-2014-021x.patch: check lengths and sizes in
+ src/fc/fsconvert.c, src/fc/fserve.c.
+ - CVE-2014-0210
+ - CVE-2014-0211
+
+ -- Marc Deslauriers Tue, 13 May 2014 12:31:20 -0400
+
+libxfont (1:1.4.1-1ubuntu0.2) lucid-security; urgency=low
+
+ * SECURITY UPDATE: denial of service and possible code execution via
+ stack overflow
+ - debian/patches/CVE-2013-6462.patch: limit sscanf field in
+ src/bitmap/bdfread.c.
+ - CVE-2013-6462
+
+ -- Marc Deslauriers Mon, 30 Dec 2013 17:39:34 -0500
+
+libxfont (1:1.4.1-1ubuntu0.1) lucid-security; urgency=low
+
+ * SECURITY UPDATE: arbitrary code execution via overflow
+ - debian/patches/CVE-2011-2895.patch: check remaining length in
+ src/fontfile/decompress.c.
+ - CVE-2011-2895
+
+ -- Marc Deslauriers Thu, 11 Aug 2011 10:31:45 -0400
+
+libxfont (1:1.4.1-1) unstable; urgency=low
+
+ * New upstream release.
+ * Bump xutils-dev build-dep for new util-macros.
+ * Build documentation, install it in libxfont-dev.
+ * Enable support for bzip2 compressed bitmap fonts.
+ * Don't use LDFLAGS from the environment. Ubuntu sets that to
+ -Bsymbolic-functions, which breaks libXfont's weak symbols usage.
+
+ -- Julien Cristau Wed, 02 Dec 2009 11:12:13 +0100
+
+libxfont (1:1.4.0-3) unstable; urgency=low
+
+ * libxfont1 Conflicts: xprint (< 2:1.6.0-1).
+ The requiem release of xprint (1.6) will not conflict with
+ libxfont1. I am assured the garlic wreaths should prove most
+ efficacious at protecting the general public from the undead.
+ * Standards version 3.8.3.
+
+ -- Drew Parsons Sat, 31 Oct 2009 11:29:34 +1100
+
+libxfont (1:1.4.0-2) unstable; urgency=high
+
+ * libxfont1 Conflicts with xprint, printer font support was removed upstream
+ in 1.4.0 (closes: #535952).
+ * Add README.source from xsfbs. Bump Standards-Version to 3.8.2.
+
+ -- Julien Cristau Sun, 02 Aug 2009 13:36:46 +0200
+
+libxfont (1:1.4.0-1) unstable; urgency=low
+
+ * New upstream release.
+ * Move libxfont1-dbg to new section 'debug'.
+
+ -- Julien Cristau Mon, 13 Apr 2009 12:11:23 +0100
+
+libxfont (1:1.3.4-2) unstable; urgency=low
+
+ * Update debian/copyright from upstream COPYING.
+ * Upload to unstable.
+
+ -- Julien Cristau Mon, 16 Feb 2009 19:31:59 +0100
+
+libxfont (1:1.3.4-1) experimental; urgency=low
+
+ * Wrap build-deps in debian/control.
+ * Run autoreconf on build; build-dep on xutils-dev, autoconf, automake and
+ libtool.
+ * Handle parallel builds.
+ * New upstream release.
+ * Drop obsolete x11proto-fontcache-dev build-dependency.
+
+ -- Julien Cristau Tue, 23 Dec 2008 15:06:37 +0100
+
+libxfont (1:1.3.3-1) unstable; urgency=high
+
+ [ Julien Cristau ]
+ * Drop dependency on x11-common from libxfont1{,-dbg}.
+ * New upstream bugfix release.
+ * Disable the type1 rasterizer and support for speedo font files.
The + former is a security hazard, and Speedo fonts are disabled in the X server + since before etch anyway. + * Urgency high so the above gets in lenny. + + [ Brice Goglin ] + * Add upstream URL to debian/copyright. + * Add a link to www.X.org and a reference to the upstream module + in the long description. + + -- Julien Cristau Thu, 17 Jul 2008 22:50:03 +0200 + +libxfont (1:1.3.2-1) unstable; urgency=low + + * New upstream release + * Drop CVE-2008-0006.diff, included upstream. + + -- Julien Cristau Fri, 07 Mar 2008 13:32:43 +0100 + +libxfont (1:1.3.1-2) unstable; urgency=high + + * High urgency upload for security fix. + * Fix a buffer overflow in the PCF font parser (CVE-2008-0006). + * debian/control updates + + add myself to Uploaders, and remove Branden and Fabio with their + permission + + s/^XS-Vcs/Vcs/ + + bump Standards-Version to 3.7.3 (no changes) + + libxfont1 is Section: libs + + libxfont-dev and libxfont1-dbg are Section: libdevel + + -- Julien Cristau Thu, 17 Jan 2008 00:09:38 +0100 + +libxfont (1:1.3.1-1) unstable; urgency=low + + * New upstream release. + * Add libxfont1.shlibs, bump shlibs to >= 1:1.2.9. + + -- Julien Cristau Wed, 05 Sep 2007 22:45:57 +0200 + +libxfont (1:1.2.9-1) unstable; urgency=low + + * New upstream version. + - Add a new 'catalogue' FPE (font path element), which takes font + paths from symlinks in a dir. + * Use libxfont1 (= ${binary:Version}) instead of ${Source-Version} + in debian/control. + + -- Drew Parsons Sat, 23 Jun 2007 09:40:45 +1000 + +libxfont (1:1.2.8-1) unstable; urgency=low + + * Add XS-Vcs-Browser to debian/control. + * New upstream release. + + drop patch from 1:1.2.2-2, applied upstream. + * Upload to unstable. + + -- Julien Cristau Wed, 11 Apr 2007 15:52:11 +0200 + +libxfont (1:1.2.7-1) experimental; urgency=low + + * New upstream release. + * Add XS-Vcs-Git header to debian/control, and drop obsolete CVS information. + * Install the upstream ChangeLog. 
+ + -- Julien Cristau Fri, 16 Feb 2007 14:32:57 +0100 + +libxfont (1:1.2.2-2) unstable; urgency=high + + * Grab patch from upstream git to fix security issues: + + CVE-2007-1351: BDFFont Parsing Integer Overflow + + CVE-2007-1352: fonts.dir File Parsing Integer Overflow + + -- Julien Cristau Tue, 03 Apr 2007 19:31:24 +0200 + +libxfont (1:1.2.2-1) unstable; urgency=high + + * New upstream version. + - closes security bug in CID encoded fonts (iDefense CVE-ID + 2006-3739, 2006-3740) + - applies patches 10_freetype_buffer_overflow.patch, 10_pcf_font.patch + * dbg package has priority extra. + + -- Drew Parsons Wed, 13 Sep 2006 17:50:06 +1000 + +libxfont (1:1.2.0-2) unstable; urgency=high + + * Apply upstream patch 10_pcf_font.patch (security vulnerability + CVE-2006-3467). Closes: #383353. + * Upload to unstable to ensure patch is propagated quickly. + * Apply patch 10_freetype_buffer_overflow.patch while we're at it + (no known exploits). + + -- Drew Parsons Thu, 17 Aug 2006 07:45:40 +1000 + +libxfont (1:1.2.0-1) experimental; urgency=low + + * New upstream version. Closes: #364854. + - builds and works with Freetype 2.2. Closes: #362920, #370149. + * Standards version 3.7.2. + * libxfont-dev doesn't need both Depends: and Pre-Depends: x11-common. + * Use debhelper 5, tidy up debian/rules to match. + * libxfont does not provide libfontcache.so! + + -- Drew Parsons Thu, 27 Jul 2006 15:08:14 +1000 + +libxfont (1:1.1.0-1) UNRELEASED; urgency=low + + [ David Nusinow ] + * New upstream release + * Remove obsolete patch 01_fontserver_fix_SEGV.diff + + [ Andres Salomon ] + * Test for obj-$(DEB_BUILD_GNU_TYPE) before creating it during build; + idempotency fix. + * Run dh_install w/ --list-missing. + + -- Andres Salomon Mon, 17 Jul 2006 01:20:57 -0400 + +libxfont (1:1.0.0-4) unstable; urgency=low + + * Reorder makeshlib command in rules file so that ldconfig is run + properly. Thanks Drew Parsons and Steve Langasek. 
+ * Add quilt to build-depends + + -- David Nusinow Wed, 19 Apr 2006 00:10:33 -0400 + +libxfont (1:1.0.0-3) unstable; urgency=low + + * Upload to unstable + + -- David Nusinow Thu, 23 Mar 2006 22:44:39 -0500 + +libxfont (1:1.0.0-2) experimental; urgency=low + + * Have libxfont-dev depend on libfreetype6-dev and libfontenc-dev. Thanks + Eugene Konev. + * Port patches from trunk + + general/099v_fontserver_fix_SEGV.diff + + -- David Nusinow Sun, 26 Feb 2006 18:35:44 -0500 + +libxfont (1:1.0.0-1) experimental; urgency=low + + * First upload to Debian + + -- David Nusinow Thu, 29 Dec 2005 20:51:40 -0500 + +libxfont (1:0.99.0+cvs.20050909-1) breezy; urgency=low + + * Fix the XFONT_FONTCACHE/FONTCACHE define in configure.ac (close: + Ubuntu#14319). + + -- Daniel Stone Fri, 9 Sep 2005 15:39:57 +1000 + +libxfont (1:0.99.0-1) breezy; urgency=low + + * First libxfont release. + + -- Daniel Stone Mon, 16 May 2005 22:10:17 +1000 --- libxfont-1.4.1.orig/debian/libxfont1.shlibs +++ libxfont-1.4.1/debian/libxfont1.shlibs @@ -0,0 +1 @@ +libXfont 1 libxfont1 (>= 1:1.2.9) --- libxfont-1.4.1.orig/debian/compat +++ libxfont-1.4.1/debian/compat @@ -0,0 +1 @@ +5 --- libxfont-1.4.1.orig/debian/copyright +++ libxfont-1.4.1/debian/copyright 
@@ -0,0 +1,292 @@ +This package was downloaded from +http://xorg.freedesktop.org/releases/individual/lib/ + +Copyright (c) 1997 by Mark Leisher +Copyright (c) 1998-2003 by Juliusz Chroboczek +Copyright (c) 1998 Go Watanabe, All rights reserved. +Copyright (c) 1998 Kazushi (Jam) Marukawa, All rights reserved. +Copyright (c) 1998 Takuya SHIOZAKI, All rights reserved. +Copyright (c) 1998 X-TrueType Server Project, All rights reserved. +Copyright (c) 2003-2004 After X-TT Project, All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + + +Copyright 1990, 1998 The Open Group + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation. 
+ +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The Open Group shall +not be used in advertising or otherwise to promote the sale, use or +other dealings in this Software without prior written authorization +from The Open Group. + + +Copyright 1989 by Digital Equipment Corporation, Maynard, Massachusetts. + + All Rights Reserved + +Permission to use, copy, modify, and distribute this software and its +documentation for any purpose and without fee is hereby granted, +provided that the above copyright notice appear in all copies and that +both that copyright notice and this permission notice appear in +supporting documentation, and that the name of Digital not be +used in advertising or publicity pertaining to distribution of the +software without specific, written prior permission. + +DIGITAL DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING +ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL +DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR +ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, +ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS +SOFTWARE. + + +Copyright 1999 SuSE, Inc. 
+ +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation, and that the name of SuSE not be used in advertising or +publicity pertaining to distribution of the software without specific, +written prior permission. SuSE makes no representations about the +suitability of this software for any purpose. It is provided "as is" +without express or implied warranty. + +SuSE DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL SuSE +BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION +OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN +CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + + +Copyright 1990 Network Computing Devices + +Permission to use, copy, modify, distribute, and sell this software and +its documentation for any purpose is hereby granted without fee, provided +that the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation, and that the name of Network Computing Devices not be used +in advertising or publicity pertaining to distribution of the software +without specific, written prior permission. Network Computing Devices +makes no representations about the suitability of this software for any +purpose. It is provided "as is" without express or implied warranty. 
+ +NETWORK COMPUTING DEVICES DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS +SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, +IN NO EVENT SHALL NETWORK COMPUTING DEVICES BE LIABLE FOR ANY SPECIAL, +INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE +OR PERFORMANCE OF THIS SOFTWARE. + + +Copyright 1990 Network Computing Devices + +Permission to use, copy, modify, distribute, and sell this software and +its documentation for any purpose is hereby granted without fee, provided +that the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation, and that the names of Network Computing Devices, or Digital +not be used in advertising or publicity pertaining to distribution +of the software without specific, written prior permission. + +NETWORK COMPUTING DEVICES, AND DIGITAL AND DISCLAIM ALL WARRANTIES WITH +REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL NETWORK COMPUTING DEVICES, +OR DIGITAL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL +DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR +PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF +THIS SOFTWARE. + + +[Note: clause 3 in the following license, the "advertising clause", was +rescinded by Berkeley in 1999. See +] + +Copyright (c) 1991, 1993 + The Regents of the University of California. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. 
Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by the University of + California, Berkeley and its contributors. +4. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + + +Copyright (c) 1998-1999 Shunsuke Akiyama . +All rights reserved. +Copyright (c) 1998-1999 X-TrueType Server Project, All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. 
Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. + + +Copyright © 2004 Keith Packard + +Permission to use, copy, modify, distribute, and sell this software and its +documentation for any purpose is hereby granted without fee, provided that +the above copyright notice appear in all copies and that both that +copyright notice and this permission notice appear in supporting +documentation, and that the name of Keith Packard not be used in +advertising or publicity pertaining to distribution of the software without +specific, written prior permission. Keith Packard makes no +representations about the suitability of this software for any purpose. It +is provided "as is" without express or implied warranty. 
+ +KEITH PACKARD DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, +INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO +EVENT SHALL KEITH PACKARD BE LIABLE FOR ANY SPECIAL, INDIRECT OR +CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, +DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER +TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +PERFORMANCE OF THIS SOFTWARE. + + +/* lib/font/fontfile/gunzip.c + written by Mark Eichin September 1996. + intended for inclusion in X11 public releases. */ + + +Copyright (c) 1999 The XFree86 Project Inc. + +All Rights Reserved. + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN +AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +Except as contained in this notice, the name of The XFree86 Project +Inc. shall not be used in advertising or otherwise to promote the +sale, use or other dealings in this Software without prior written +authorization from The XFree86 Project Inc.. 
+ +Copyright © 2007 Red Hat, Inc + +Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the "Software"), +to deal in the Software without restriction, including without limitation +the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the +Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice (including the next +paragraph) shall be included in all copies or substantial portions of the +Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + +Copyright 2008 Sun Microsystems, Inc. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, and/or sell copies of the Software, and to permit persons +to whom the Software is furnished to do so, provided that the above +copyright notice(s) and this permission notice appear in all copies of +the Software and that both the above copyright notice(s) and this +permission notice appear in supporting documentation. 
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+Except as contained in this notice, the name of a copyright holder
+shall not be used in advertising or otherwise to promote the sale, use
+or other dealings in this Software without prior written authorization
+of the copyright holder.
+
--- libxfont-1.4.1.orig/debian/watch
+++ libxfont-1.4.1/debian/watch
@@ -0,0 +1,2 @@
+version=3
+http://xorg.freedesktop.org/releases/individual/lib/ libXfont-(.*)\.tar\.gz
--- libxfont-1.4.1.orig/debian/libxfont-dev.install
+++ libxfont-1.4.1/debian/libxfont-dev.install
@@ -0,0 +1,4 @@
+usr/include/X11/*
+usr/lib/libXfont.a
+usr/lib/libXfont.so
+usr/lib/pkgconfig/xfont.pc
--- libxfont-1.4.1.orig/debian/rules
+++ libxfont-1.4.1/debian/rules
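Review bot: debian/watch locates the upstream tarball over plain `http://xorg.freedesktop.org/releases/individual/lib/`, and the `libXfont-(.*)\.tar\.gz` rule has no signature check, so a tarball fetched by uscan is not verified against anything. If upstream publishes detached signatures for these releases (not visible from this diff), an `opts=pgpsigurlmangle=...` prefix on the URL line, together with the upstream signing key shipped in the package, would let uscan verify each download. Switching the URL to https, where the host offers it, is the smaller step.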
@@ -0,0 +1,114 @@
+#!/usr/bin/make -f
+# debian/rules for the Debian libxfont package.
+# Copyright © 2004 Scott James Remnant
+# Copyright © 2005 Daniel Stone
+# Copyright © 2005 David Nusinow
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+PACKAGE = libxfont1
+
+include debian/xsfbs/xsfbs.mk
+
+CFLAGS = -Wall -g
+ifneq (,$(filter noopt,$(DEB_BUILD_OPTIONS)))
+ CFLAGS += -O0
+else
+ CFLAGS += -O2
+endif
+ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
+ MAKEFLAGS += -j$(NUMJOBS)
+endif
+
+DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE))
+ confflags += --build=$(DEB_HOST_GNU_TYPE)
+else
+ confflags += --build=$(DEB_BUILD_GNU_TYPE) --host=$(DEB_HOST_GNU_TYPE)
+endif
+
+doc_files = \
+ doc/fontlib.css \
+ obj-$(DEB_BUILD_GNU_TYPE)/doc/fontlib.txt \
+ obj-$(DEB_BUILD_GNU_TYPE)/doc/fontlib.html
+
+confflags += \
+ --with-bzip2 \
+ --enable-fc \
+ --enable-builtins \
+ --enable-pcfformat \
+ --enable-bdfformat \
+ --enable-devel-docs
+
+configure: $(STAMP_DIR)/patch
+ autoreconf -vfi
+
+obj-$(DEB_BUILD_GNU_TYPE)/config.status: configure
+ mkdir -p obj-$(DEB_BUILD_GNU_TYPE)
+ cd obj-$(DEB_BUILD_GNU_TYPE) && \
+ ../configure --prefix=/usr --mandir=\$${prefix}/share/man \
+ --infodir=\$${prefix}/share/info $(confflags) \
+ CFLAGS="$(CFLAGS)" LDFLAGS=""
+
+build: build-stamp
+build-stamp: obj-$(DEB_BUILD_GNU_TYPE)/config.status
+ dh_testdir
+
+ cd obj-$(DEB_BUILD_GNU_TYPE) && $(MAKE)
+ >$@
+
+clean: xsfclean
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+
+ rm -f config.cache config.log config.status
+ rm -f */config.cache */config.log */config.status
+ rm -f conftest* */conftest*
+ rm -rf autom4te.cache */autom4te.cache
+ rm -rf obj-*
+ rm -f $$(find -name Makefile.in)
+ rm -f aclocal.m4 config.guess config.h.in config.sub configure
+ rm -f depcomp install-sh ltmain.sh missing mkinstalldirs
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ cd obj-$(DEB_BUILD_GNU_TYPE) && $(MAKE) DESTDIR=$(CURDIR)/debian/tmp install
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+
+ dh_installdocs
+ dh_install --sourcedir=debian/tmp --list-missing -XlibXfont.la
+ install -d debian/libxfont-dev/usr/share/doc/libxfont-dev
+ install -m 644 $(doc_files) debian/libxfont-dev/usr/share/doc/libxfont-dev
+ dh_installchangelogs ChangeLog
+ dh_link
+ dh_strip --dbg-package=$(PACKAGE)-dbg
+ dh_compress
+ dh_fixperms
+ dh_makeshlibs
+ dh_shlibdeps
+ dh_installdeb
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+# Build architecture-independent files here.
+binary-indep: build install
+# Nothing to do
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
--- libxfont-1.4.1.orig/debian/xsfbs/xsfbs.mk
+++ libxfont-1.4.1/debian/xsfbs/xsfbs.mk
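Review bot: The configure call in debian/rules passes `CFLAGS="$(CFLAGS)" LDFLAGS=""` after `CFLAGS = -Wall -g` is assigned unconditionally, so any hardening flags supplied by the build environment (stack protector, `_FORTIFY_SOURCE`, relro) are dropped for a library whose job is parsing font files. If the target release's dpkg provides dpkg-buildflags, seeding both from it keeps the distribution defaults: `CFLAGS = $(shell dpkg-buildflags --get CFLAGS) -Wall` and `LDFLAGS="$(shell dpkg-buildflags --get LDFLAGS)"`. If emptying LDFLAGS is deliberate, a comment above that line should say why.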
@@ -0,0 +1,276 @@ +#!/usr/bin/make -f + +# Debian X Strike Force Build System (XSFBS): Make portion + +# Copyright 1996 Stephen Early +# Copyright 1997 Mark Eichin +# Copyright 1998-2005, 2007 Branden Robinson +# Copyright 2005 David Nusinow +# +# Licensed under the GNU General Public License, version 2. See the file +# /usr/share/common-licenses/GPL or . + +# Originally by Stephen Early +# Modified by Mark W. Eichin +# Modified by Adam Heath +# Modified by Branden Robinson +# Modified by Fabio Massimo Di Nitto +# Modified by David Nusinow +# Acknowledgements to Manoj Srivastava. + +# Pass $(DH_OPTIONS) into the environment for debhelper's benefit. +export DH_OPTIONS + +# force quilt to not use ~/.quiltrc and to use debian/patches +QUILT = QUILT_PATCHES=debian/patches quilt --quiltrc /dev/null + +# Set up parameters for the upstream build environment. + +# Determine (source) package name from Debian changelog. +SOURCE_NAME:=$(shell dpkg-parsechangelog -ldebian/changelog \ + | grep '^Source:' | awk '{print $$2}') + +# Determine package version from Debian changelog. +SOURCE_VERSION:=$(shell dpkg-parsechangelog -ldebian/changelog \ + | grep '^Version:' | awk '{print $$2}') + +# Determine upstream version number. +UPSTREAM_VERSION:=$(shell echo $(SOURCE_VERSION) | sed 's/-.*//') + +# Determine the source version without the epoch for make-orig-tar-gz +NO_EPOCH_VER:=$(shell echo $(UPSTREAM_VERSION) | sed 's/^.://') + +# Figure out who's building this package. +BUILDER:=$(shell echo $${DEBEMAIL:-$${EMAIL:-$$(echo $$LOGNAME@$$(cat /etc/mailname 2>/dev/null))}}) + +# Find out if this is an official build; an official build has nothing but +# digits, dots, and/or the codename of a release in the Debian part of the +# version number. Anything else indicates an unofficial build. +OFFICIAL_BUILD:=$(shell VERSION=$(SOURCE_VERSION); if ! 
expr "$$(echo $${VERSION\#\#*-} | sed 's/\(woody\|sarge\|etch\|lenny\)//g')" : ".*[^0-9.].*" >/dev/null 2>&1; then echo yes; fi) + +# Set up parameters for the Debian build environment. + +# Determine our architecture. +BUILD_ARCH:=$(shell dpkg-architecture -qDEB_BUILD_ARCH) +# Work around some old-time dpkg braindamage. +BUILD_ARCH:=$(subst i486,i386,$(BUILD_ARCH)) +# The DEB_HOST_ARCH variable may be set per the Debian cross-compilation policy. +ifdef DEB_HOST_ARCH + ARCH:=$(DEB_HOST_ARCH) +else + # dpkg-cross sets the ARCH environment variable; if set, use it. + ifdef ARCH + ARCH:=$(ARCH) + else + ARCH:=$(BUILD_ARCH) + endif +endif + +# $(STAMP_DIR) houses stamp files for complex targets. +STAMP_DIR:=stampdir + +# $(DEBTREEDIR) is where all install rules are told (via $(DESTDIR)) to place +# their files. +DEBTREEDIR:=$(CURDIR)/debian/tmp + +# All "important" targets have four lines: +# 1) A target name that is invoked by a package-building tool or the user. +# This consists of a dependency on a "$(STAMP_DIR)/"-prefixed counterpart. +# 2) A line delcaring 1) as a phony target (".PHONY:"). +# 3) A "$(STAMP_DIR)/"-prefixed target which does the actual work, and may +# depend on other targets. +# 4) A line declaring 3) as a member of the $(stampdir_targets) variable; the +# "$(STAMP_DIR)/" prefix is omitted. +# +# This indirection is needed so that the "stamp" files that signify when a rule +# is done can be located in a separate "stampdir". Recall that make has no way +# to know when a goal has been met for a phony target (like "build" or +# "install"). +# +# At the end of each "$(STAMP_DIR)/" target, be sure to run the command ">$@" +# so that the target will not be run again. Removing the file will make Make +# run the target over. + +# All phony targets should be declared as dependencies of .PHONY, even if they +# do not have "($STAMP_DIR)/"-prefixed counterparts. + +# Define a harmless default rule to keep things from going nuts by accident. 
+.PHONY: default +default: + +# Set up the $(STAMP_DIR) directory. +.PHONY: stampdir +stampdir_targets+=stampdir +stampdir: $(STAMP_DIR)/stampdir +$(STAMP_DIR)/stampdir: + mkdir $(STAMP_DIR) + >$@ + +# Set up the package build directory as quilt expects to find it. +.PHONY: prepare +stampdir_targets+=prepare +prepare: $(STAMP_DIR)/prepare +$(STAMP_DIR)/prepare: $(STAMP_DIR)/log $(STAMP_DIR)/genscripts + >$@ + +.PHONY: log +stampdir_targets+=log +log: $(STAMP_DIR)/log +$(STAMP_DIR)/log: $(STAMP_DIR)/stampdir + mkdir -p $(STAMP_DIR)/log + +# Apply all patches to the upstream source. +.PHONY: patch +stampdir_targets+=patch +patch: $(STAMP_DIR)/patch +$(STAMP_DIR)/patch: $(STAMP_DIR)/prepare + if ! [ `which quilt` ]; then \ + echo "Couldn't find quilt. Please install it or add it to the build-depends for this package."; \ + exit 1; \ + fi; \ + if $(QUILT) next >/dev/null 2>&1; then \ + echo -n "Applying patches..."; \ + if $(QUILT) push -a -v >$(STAMP_DIR)/log/patch 2>&1; then \ + cat $(STAMP_DIR)/log/patch; \ + echo "successful."; \ + else \ + cat $(STAMP_DIR)/log/patch; \ + echo "failed! (check $(STAMP_DIR)/log/patch for details)"; \ + exit 1; \ + fi; \ + else \ + echo "No patches to apply"; \ + fi; \ + >$@ + +# Revert all patches to the upstream source. +.PHONY: unpatch +unpatch: $(STAMP_DIR)/log + rm -f $(STAMP_DIR)/patch + @echo -n "Unapplying patches..."; \ + if $(QUILT) applied >/dev/null 2>/dev/null; then \ + if $(QUILT) pop -a -v >$(STAMP_DIR)/log/unpatch 2>&1; then \ + cat $(STAMP_DIR)/log/unpatch; \ + echo "successful."; \ + else \ + cat $(STAMP_DIR)/log/unpatch; \ + echo "failed! (check $(STAMP_DIR)/log/unpatch for details)"; \ + exit 1; \ + fi; \ + else \ + echo "nothing to do."; \ + fi + +# Clean the generated maintainer scripts. +.PHONY: cleanscripts +cleanscripts: + rm -f $(STAMP_DIR)/genscripts + rm -f debian/*.config \ + debian/*.postinst \ + debian/*.postrm \ + debian/*.preinst \ + debian/*.prerm + +# Clean the package build tree. 
+.PHONY: xsfclean +xsfclean: cleanscripts unpatch + dh_testdir + rm -rf .pc + rm -rf $(STAMP_DIR) + dh_clean + +# Remove files from the upstream source tree that we don't need, or which have +# licensing problems. It must be run before creating the .orig.tar.gz. +# +# Note: This rule is for Debian package maintainers' convenience, and is not +# needed for conventional build scenarios. +.PHONY: prune-upstream-tree +prune-upstream-tree: + # Ensure we're in the correct directory. + dh_testdir + grep -rvh '^#' debian/prune/ | xargs --no-run-if-empty rm -rf + +# Verify that there are no offsets or fuzz in the patches we apply. +# +# Note: This rule is for Debian package maintainers' convenience, and is not +# needed for conventional build scenarios. +.PHONY: patch-audit +patch-audit: prepare unpatch + @echo -n "Auditing patches..."; \ + >$(STAMP_DIR)/log/patch; \ + FUZZY=; \ + while [ -n "$$($(QUILT) next)" ]; do \ + RESULT=$$($(QUILT) push -v | tee -a $(STAMP_DIR)/log/patch | grep ^Hunk | sed 's/^Hunk.*\(succeeded\|FAILED\).*/\1/');\ + case "$$RESULT" in \ + succeeded) \ + echo "fuzzy patch: $$($(QUILT) top)" \ + | tee -a $(STAMP_DIR)/log/$$($(QUILT) top); \ + FUZZY=yes; \ + ;; \ + FAILED) \ + echo "broken patch: $$($(QUILT) next)" \ + | tee -a $(STAMP_DIR)/log/$$($(QUILT) next); \ + exit 1; \ + ;; \ + esac; \ + done; \ + if [ -n "$$FUZZY" ]; then \ + echo "there were fuzzy patches; please fix."; \ + exit 1; \ + else \ + echo "done."; \ + fi + +# Generate the maintainer scripts. 
+.PHONY: genscripts +stampdir_targets+=genscripts +genscripts: $(STAMP_DIR)/genscripts +$(STAMP_DIR)/genscripts: $(STAMP_DIR)/stampdir + for FILE in debian/*.config.in \ + debian/*.postinst.in \ + debian/*.postrm.in \ + debian/*.preinst.in \ + debian/*.prerm.in; do \ + if [ -e "$$FILE" ]; then \ + MAINTSCRIPT=$$(echo $$FILE | sed 's/.in$$//'); \ + sed -n '1,/^#INCLUDE_SHELL_LIB#$$/p' <$$FILE \ + | sed -e '/^#INCLUDE_SHELL_LIB#$$/d' >$$MAINTSCRIPT.tmp; \ + cat debian/xsfbs/xsfbs.sh >>$$MAINTSCRIPT.tmp; \ + sed -n '/^#INCLUDE_SHELL_LIB#$$/,$$p' <$$FILE \ + | sed -e '/^#INCLUDE_SHELL_LIB#$$/d' >>$$MAINTSCRIPT.tmp; \ + sed -e 's/@SOURCE_VERSION@/$(SOURCE_VERSION)/' \ + -e 's/@OFFICIAL_BUILD@/$(OFFICIAL_BUILD)/' \ + <$$MAINTSCRIPT.tmp >$$MAINTSCRIPT; \ + rm $$MAINTSCRIPT.tmp; \ + fi; \ + done + # Validate syntax of generated shell scripts. + #sh debian/scripts/validate-posix-sh debian/*.config \ + # debian/*.postinst \ + # debian/*.postrm \ + # debian/*.preinst \ + # debian/*.prerm + >$@ + +SERVERMINVERS = $(shell cat /usr/share/xserver-xorg/serverminver 2>/dev/null) +VIDEOABI = $(shell cat /usr/share/xserver-xorg/videoabiver 2>/dev/null) +INPUTABI = $(shell cat /usr/share/xserver-xorg/inputabiver 2>/dev/null) +SERVER_DEPENDS = xserver-xorg-core (>= $(SERVERMINVERS)) +VIDDRIVER_PROVIDES = xserver-xorg-video-$(VIDEOABI) +INPDRIVER_PROVIDES = xserver-xorg-input-$(INPUTABI) +ifeq ($(PACKAGE),) +PACKAGE=$(shell awk '/^Package:/ { print $$2; exit }' < debian/control) +endif + +.PHONY: serverabi +serverabi: install +ifeq ($(SERVERMINVERS),) + @echo error: xserver-xorg-dev needs to be installed + @exit 1 +else + echo "xserver:Depends=$(SERVER_DEPENDS)" >> debian/$(PACKAGE).substvars + echo "xviddriver:Provides=$(VIDDRIVER_PROVIDES)" >> debian/$(PACKAGE).substvars + echo "xinpdriver:Provides=$(INPDRIVER_PROVIDES)" >> debian/$(PACKAGE).substvars +endif + +# vim:set noet ai sts=8 sw=8 tw=0: --- libxfont-1.4.1.orig/debian/xsfbs/xsfbs.sh +++ libxfont-1.4.1/debian/xsfbs/xsfbs.sh 
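Review bot: `prune-upstream-tree` pipes every non-comment line found under debian/prune/ straight into `xargs --no-run-if-empty rm -rf`, so an entry containing whitespace, a leading `/` or a `..` component removes something outside the unpacked source tree. The recipe should fail when any entry begins with `/` or contains a `..` component, and hand xargs one path per line with `xargs -d '\n' --no-run-if-empty rm -rf --`. The loop in debian/xsfbs/repack.sh (`rm -f */$file` with `$file` unquoted and `read` without `-r`) has the same gap.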
@@ -0,0 +1,622 @@ +# This is the X Strike Force shell library for X Window System package +# maintainer scripts. It serves to define shell functions commonly used by +# such packages, and performs some error checking necessary for proper operation +# of those functions. By itself, it does not "do" much; the maintainer scripts +# invoke the functions defined here to accomplish package installation and +# removal tasks. + +# If you are reading this within a Debian package maintainer script (e.g., +# /var/lib/dpkg/info/PACKAGE.{config,preinst,postinst,prerm,postrm}), you can +# skip past this library by scanning forward in this file to the string +# "GOBSTOPPER". + +SOURCE_VERSION=@SOURCE_VERSION@ +OFFICIAL_BUILD=@OFFICIAL_BUILD@ + +# Use special abnormal exit codes so that problems with this library are more +# easily tracked down. +SHELL_LIB_INTERNAL_ERROR=86 +SHELL_LIB_THROWN_ERROR=74 +SHELL_LIB_USAGE_ERROR=99 + +# old -> new variable names +if [ -z "$DEBUG_XORG_PACKAGE" ] && [ -n "$DEBUG_XFREE86_PACKAGE" ]; then + DEBUG_XORG_PACKAGE="$DEBUG_XFREE86_PACKAGE" +fi +if [ -z "$DEBUG_XORG_DEBCONF" ] && [ -n "$DEBUG_XFREE86_DEBCONF" ]; then + DEBUG_XORG_DEBCONF="$DEBUG_XFREE86_DEBCONF" +fi + +# initial sanity checks +if [ -z "$THIS_PACKAGE" ]; then + cat >&2 < on the World Wide Web for +instructions, read the file /usr/share/doc/debian/bug-reporting.txt from the +"doc-debian" package, or install the "reportbug" package and use the command of +the same name to file a report against version $SOURCE_VERSION of this package. +EOF + exit $SHELL_LIB_USAGE_ERROR +fi + +if [ -z "$THIS_SCRIPT" ]; then + cat >&2 < on the World Wide Web for +instructions, read the file /usr/share/doc/debian/bug-reporting.txt from the +"doc-debian" package, or install the "reportbug" package and use the command of +the same name to file a report against version $SOURCE_VERSION of the +"$THIS_PACKAGE" package. 
+EOF + exit $SHELL_LIB_USAGE_ERROR +fi + +if [ "$1" = "reconfigure" ] || [ -n "$DEBCONF_RECONFIGURE" ]; then + RECONFIGURE="true" +else + RECONFIGURE= +fi + +if ([ "$1" = "install" ] || [ "$1" = "configure" ]) && [ -z "$2" ]; then + FIRSTINST="yes" +fi + +if [ -z "$RECONFIGURE" ] && [ -z "$FIRSTINST" ]; then + UPGRADE="yes" +fi + +trap "message;\ + message \"Received signal. Aborting $THIS_PACKAGE package $THIS_SCRIPT script.\";\ + message;\ + exit 1" HUP INT QUIT TERM + +reject_nondigits () { + # syntax: reject_nondigits [ operand ... ] + # + # scan operands (typically shell variables whose values cannot be trusted) for + # characters other than decimal digits and barf if any are found + while [ -n "$1" ]; do + # does the operand contain anything but digits? + if ! expr "$1" : "[[:digit:]]\+$" > /dev/null 2>&1; then + # can't use die(), because it wraps message() which wraps this function + echo "$THIS_PACKAGE $THIS_SCRIPT error: reject_nondigits() encountered" \ + "possibly malicious garbage \"$1\"" >&2 + exit $SHELL_LIB_THROWN_ERROR + fi + shift + done +} + +reject_unlikely_path_chars () { + # syntax: reject_unlikely_path_chars [ operand ... ] + # + # scan operands (typically shell variables whose values cannot be trusted) for + # characters unlikely to be seen in a path and which the shell might + # interpret and barf if any are found + while [ -n "$1" ]; do + # does the operand contain any funny characters? + if expr "$1" : '.*[!$&()*;<>?|].*' > /dev/null 2>&1; then + # can't use die(), because I want to avoid forward references + echo "$THIS_PACKAGE $THIS_SCRIPT error: reject_unlikely_path_chars()" \ + "encountered possibly malicious garbage \"$1\"" >&2 + exit $SHELL_LIB_THROWN_ERROR + fi + shift + done +} + +# Query the terminal to establish a default number of columns to use for +# displaying messages to the user. This is used only as a fallback in the +# event the COLUMNS variable is not set. 
($COLUMNS can react to SIGWINCH while +# the script is running, and this cannot, only being calculated once.) +DEFCOLUMNS=$(stty size 2> /dev/null | awk '{print $2}') || true +if ! expr "$DEFCOLUMNS" : "[[:digit:]]\+$" > /dev/null 2>&1; then + DEFCOLUMNS=80 +fi + +message () { + # pretty-print messages of arbitrary length + reject_nondigits "$COLUMNS" + echo "$*" | fmt -t -w ${COLUMNS:-$DEFCOLUMNS} >&2 +} + +observe () { + # syntax: observe message ... + # + # issue observational message suitable for logging someday when support for + # it exists in dpkg + if [ -n "$DEBUG_XORG_PACKAGE" ]; then + message "$THIS_PACKAGE $THIS_SCRIPT note: $*" + fi +} + +warn () { + # syntax: warn message ... + # + # issue warning message suitable for logging someday when support for + # it exists in dpkg; also send to standard error + message "$THIS_PACKAGE $THIS_SCRIPT warning: $*" +} + +die () { + # syntax: die message ... + # + # exit script with error message + message "$THIS_PACKAGE $THIS_SCRIPT error: $*" + exit $SHELL_LIB_THROWN_ERROR +} + +internal_error () { + # exit script with error; essentially a "THIS SHOULD NEVER HAPPEN" message + message "internal error: $*" + if [ -n "$OFFICIAL_BUILD" ]; then + message "Please report a bug in the $THIS_SCRIPT script of the" \ + "$THIS_PACKAGE package, version $SOURCE_VERSION to the Debian Bug" \ + "Tracking System. Include all messages above that mention the" \ + "$THIS_PACKAGE package. Visit " \ + " on the World Wide Web for" \ + "instructions, read the file" \ + "/usr/share/doc/debian/bug-reporting.txt from the doc-debian" \ + "package, or install the reportbug package and use the command of" \ + "the same name to file a report." + fi + exit $SHELL_LIB_INTERNAL_ERROR +} + +usage_error () { + message "usage error: $*" + message "Please report a bug in the $THIS_SCRIPT script of the" \ + "$THIS_PACKAGE package, version $SOURCE_VERSION to the Debian Bug" \ + "Tracking System. 
Include all messages above that mention the" \ + "$THIS_PACKAGE package. Visit " \ + " on the World Wide Web for" \ + "instructions, read the file" \ + "/usr/share/doc/debian/bug-reporting.txt from the doc-debian" \ + "package, or install the reportbug package and use the command of" \ + "the same name to file a report." + exit $SHELL_LIB_USAGE_ERROR +} + +font_update () { + # run $UPDATECMDS in $FONTDIRS + + local dir cmd shortcmd x_font_dir_prefix + + x_font_dir_prefix="/usr/share/fonts/X11" + + if [ -z "$UPDATECMDS" ]; then + usage_error "font_update() called but \$UPDATECMDS not set" + fi + if [ -z "$FONTDIRS" ]; then + usage_error "font_update() called but \$FONTDIRS not set" + fi + + reject_unlikely_path_chars "$UPDATECMDS" + reject_unlikely_path_chars "$FONTDIRS" + + for dir in $FONTDIRS; do + if [ -d "$x_font_dir_prefix/$dir" ]; then + for cmd in $UPDATECMDS; do + if which "$cmd" > /dev/null 2>&1; then + shortcmd=${cmd##*/} + observe "running $shortcmd in $dir font directory" + cmd_opts= + if [ "$shortcmd" = "update-fonts-alias" ]; then + cmd_opts=--x11r7-layout + fi + if [ "$shortcmd" = "update-fonts-dir" ]; then + cmd_opts=--x11r7-layout + fi + if [ "$shortcmd" = "update-fonts-scale" ]; then + cmd_opts=--x11r7-layout + fi + $cmd $cmd_opts $dir || warn "$cmd $cmd_opts $dir" \ + "failed; font directory data may not" \ + "be up to date" + else + warn "$cmd not found; not updating corresponding $dir font" \ + "directory data" + fi + done + else + warn "$dir is not a directory; not updating font directory data" + fi + done +} + +remove_conffile_prepare () { + # syntax: remove_conffile_prepare filename official_md5sum ... + # + # Check a conffile "filename" against a list of canonical MD5 checksums. + # If the file's current MD5 checksum matches one of the "official_md5sum" + # operands provided, then prepare the conffile for removal from the system. 
+ # We defer actual deletion until the package is configured so that we can + # roll this operation back if package installation fails. + # + # Call this function from a preinst script in the event $1 is "upgrade" or + # "install" and verify $2 to ensure the package is being upgraded from a + # version (or installed over a version removed-but-not-purged) prior to the + # one in which the conffile was obsoleted. + + local conffile current_checksum + + # validate arguments + if [ $# -lt 2 ]; then + usage_error "remove_conffile_prepare() called with wrong number of" \ + "arguments; expected at least 2, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + conffile="$1" + shift + + # does the conffile even exist? + if [ -e "$conffile" ]; then + # calculate its checksum + current_checksum=$(md5sum < "$conffile" | sed 's/[[:space:]].*//') + # compare it to each supplied checksum + while [ -n "$1" ]; do + if [ "$current_checksum" = "$1" ]; then + # we found a match; move the confffile and stop looking + observe "preparing obsolete conffile $conffile for removal" + mv "$conffile" "$conffile.$THIS_PACKAGE-tmp" + break + fi + shift + done + fi +} + +remove_conffile_lookup () { + # syntax: remove_conffile_lookup package filename + # + # Lookup the md5sum of a conffile in dpkg's database, and prepare for removal + # if it matches the actual file's md5sum. + # + # Call this function when you would call remove_conffile_prepare but only + # want to check against dpkg's status database instead of known checksums. + + local package conffile old_md5sum + + # validate arguments + if [ $# -ne 2 ]; then + usage_error "remove_conffile_lookup() called with wrong number of" \ + "arguments; expected 1, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + package="$1" + conffile="$2" + + if ! 
[ -e "$conffile" ]; then + return + fi + old_md5sum="$(dpkg-query -W -f='${Conffiles}' "$package" | \ + awk '{ if (match($0, "^ '"$conffile"' ")) print $2}')" + if [ -n "$old_md5sum" ]; then + remove_conffile_prepare "$conffile" "$old_md5sum" + fi +} + +remove_conffile_commit () { + # syntax: remove_conffile_commit filename + # + # Complete the removal of a conffile "filename" that has become obsolete. + # + # Call this function from a postinst script after having used + # remove_conffile_prepare() in the preinst. + + local conffile + + # validate arguments + if [ $# -ne 1 ]; then + usage_error "remove_conffile_commit() called with wrong number of" \ + "arguments; expected 1, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + conffile="$1" + + # if the temporary file created by remove_conffile_prepare() exists, remove it + if [ -e "$conffile.$THIS_PACKAGE-tmp" ]; then + observe "committing removal of obsolete conffile $conffile" + rm "$conffile.$THIS_PACKAGE-tmp" + fi +} + +remove_conffile_rollback () { + # syntax: remove_conffile_rollback filename + # + # Roll back the removal of a conffile "filename". + # + # Call this function from a postrm script in the event $1 is "abort-upgrade" + # or "abort-install" is after having used remove_conffile_prepare() in the + # preinst. + + local conffile + + # validate arguments + if [ $# -ne 1 ]; then + usage_error "remove_conffile_rollback() called with wrong number of" \ + "arguments; expected 1, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + conffile="$1" + + # if the temporary file created by remove_conffile_prepare() exists, move it + # back + if [ -e "$conffile.$THIS_PACKAGE-tmp" ]; then + observe "rolling back removal of obsolete conffile $conffile" + mv "$conffile.$THIS_PACKAGE-tmp" "$conffile" + fi +} + +replace_conffile_with_symlink_prepare () { + # syntax: replace_conffile_with_symlink_prepare oldfilename newfilename \ + # official_md5sum ... 
+ # + # Check a conffile "oldfilename" against a list of canonical MD5 checksums. + # If the file's current MD5 checksum matches one of the "official_md5sum" + # operands provided, then prepare the conffile for removal from the system. + # We defer actual deletion until the package is configured so that we can + # roll this operation back if package installation fails. Otherwise copy it + # to newfilename and let dpkg handle it through conffiles mechanism. + # + # Call this function from a preinst script in the event $1 is "upgrade" or + # "install" and verify $2 to ensure the package is being upgraded from a + # version (or installed over a version removed-but-not-purged) prior to the + # one in which the conffile was obsoleted. + + local conffile current_checksum + + # validate arguments + if [ $# -lt 3 ]; then + usage_error "replace_conffile_with_symlink_prepare() called with wrong" \ + " number of arguments; expected at least 3, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + oldconffile="$1" + shift + newconffile="$1" + shift + + remove_conffile_prepare "$_oldconffile" "$@" + # If $oldconffile still exists, then md5sums didn't match. + # Copy it to new one. + if [ -f "$oldconffile" ]; then + cp "$oldconffile" "$newconffile" + fi + +} + +replace_conffile_with_symlink_commit () { + # syntax: replace_conffile_with_symlink_commit oldfilename + # + # Complete the removal of a conffile "oldfilename" that has been + # replaced by a symlink. + # + # Call this function from a postinst script after having used + # replace_conffile_with_symlink_prepare() in the preinst. 
+ + local conffile + + # validate arguments + if [ $# -ne 1 ]; then + usage_error "replace_conffile_with_symlink_commit() called with wrong" \ + "number of arguments; expected 1, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + conffile="$1" + + remove_conffile_commit "$conffile" +} + +replace_conffile_with_symlink_rollback () { + # syntax: replace_conffile_with_symlink_rollback oldfilename newfilename + # + # Roll back the replacing of a conffile "oldfilename" with symlink to + # "newfilename". + # + # Call this function from a postrm script in the event $1 is "abort-upgrade" + # or "abort-install" and verify $2 to ensure the package failed to upgrade + # from a version (or install over a version removed-but-not-purged) prior + # to the one in which the conffile was obsoleted. + # You should have used replace_conffile_with_symlink_prepare() in the + # preinst. + + local conffile + + # validate arguments + if [ $# -ne 2 ]; then + usage_error "replace_conffile_with_symlink_rollback() called with wrong" \ + "number of arguments; expected 2, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + oldconffile="$1" + newconffile="$2" + + remove_conffile_rollback "$_oldconffile" + if [ -f "$newconffile" ]; then + rm "$newconffile" + fi +} + +run () { + # syntax: run command [ argument ... ] + # + # Run specified command with optional arguments and report its exit status. + # Useful for commands whose exit status may be nonzero, but still acceptable, + # or commands whose failure is not fatal to us. + # + # NOTE: Do *not* use this function with db_get or db_metaget commands; in + # those cases the return value of the debconf command *must* be checked + # before the string returned by debconf is used for anything. + + local retval + + # validate arguments + if [ $# -lt 1 ]; then + usage_error "run() called with wrong number of arguments; expected at" \ + "least 1, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + "$@" || retval=$? 
+ + if [ ${retval:-0} -ne 0 ]; then + observe "command \"$*\" exited with status $retval" + fi +} + +make_symlink_sane () { + # syntax: make_symlink_sane symlink target + # + # Ensure that the symbolic link symlink exists, and points to target. + # + # If symlink does not exist, create it and point it at target. + # + # If symlink exists but is not a symbolic link, back it up. + # + # If symlink exists, is a symbolic link, but points to the wrong location, fix + # it. + # + # If symlink exists, is a symbolic link, and already points to target, do + # nothing. + # + # This function wouldn't be needed if ln had an -I, --idempotent option. + + # Validate arguments. + if [ $# -ne 2 ]; then + usage_error "make_symlink_sane() called with wrong number of arguments;" \ + "expected 2, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + # We could just use the positional parameters as-is, but that makes things + # harder to follow. + local symlink target + + symlink="$1" + target="$2" + + if [ -L "$symlink" ] && [ "$(readlink "$symlink")" = "$target" ]; then + observe "link from $symlink to $target already exists" + else + observe "creating symbolic link from $symlink to $target" + mkdir -p "${target%/*}" "${symlink%/*}" + ln -s -b -S ".dpkg-old" "$target" "$symlink" + fi +} + +migrate_dir_to_symlink () { + # syntax: migrate_dir_to_symlink old_location new_location + # + # Per Debian Policy section 6.5.4, "A directory will never be replaced by a + # symbolic link to a directory or vice versa; instead, the existing state + # (symlink or not) will be left alone and dpkg will follow the symlink if + # there is one." + # + # We have to do it ourselves. + # + # This function moves the contents of old_location, a directory, into + # new_location, a directory, then makes old_location a symbolic link to + # new_location. + # + # old_location need not exist, but if it does, it must be a directory (or a + # symlink to a directory). If it is not, it is backed up. 
If new_location + # exists already and is not a directory, it is backed up. + # + # This function should be called from a package's preinst so that other + # packages unpacked after this one --- but before this package's postinst runs + # --- are unpacked into new_location even if their payloads contain + # old_location filespecs. + + # Validate arguments. + if [ $# -ne 2 ]; then + usage_error "migrate_dir_to_symlink() called with wrong number of" + "arguments; expected 2, got $#" + exit $SHELL_LIB_USAGE_ERROR + fi + + # We could just use the positional parameters as-is, but that makes things + # harder to follow. + local new old + + old="$1" + new="$2" + + # Is old location a symlink? + if [ -L "$old" ]; then + # Does it already point to new location? + if [ "$(readlink "$old")" = "$new" ]; then + # Nothing to do; migration has already been done. + observe "migration of $old to $new already done" + return 0 + else + # Back it up. + warn "backing up symbolic link $old as $old.dpkg-old" + mv -b "$old" "$old.dpkg-old" + fi + fi + + # Does old location exist, but is not a directory? + if [ -e "$old" ] && ! [ -d "$old" ]; then + # Back it up. + warn "backing up non-directory $old as $old.dpkg-old" + mv -b "$old" "$old.dpkg-old" + fi + + observe "migrating $old to $new" + + # Is new location a symlink? + if [ -L "$new" ]; then + # Does it point the wrong way, i.e., back to where we're migrating from? + if [ "$(readlink "$new")" = "$old" ]; then + # Get rid of it. + observe "removing symbolic link $new which points to $old" + rm "$new" + else + # Back it up. + warn "backing up symbolic link $new as $new.dpkg-old" + mv -b "$new" "$new.dpkg-old" + fi + fi + + # Does new location exist, but is not a directory? + if [ -e "$new" ] && ! [ -d "$new" ]; then + warn "backing up non-directory $new as $new.dpkg-old" + mv -b "$new" "$new.dpkg-old" + fi + + # Create new directory if it does not yet exist. + if ! 
[ -e "$new" ]; then + observe "creating $new" + mkdir -p "$new" + fi + + # Copy files in old location to new location. Back up any filenames that + # already exist in the new location with the extension ".dpkg-old". + observe "copying files from $old to $new" + if ! (cd "$old" && cp -a -b -S ".dpkg-old" . "$new"); then + die "error(s) encountered while copying files from $old to $new" + fi + + # Remove files at old location. + observe "removing $old" + rm -r "$old" + + # Create symlink from old location to new location. + make_symlink_sane "$old" "$new" +} + +# vim:set ai et sw=2 ts=2 tw=80: + +# GOBSTOPPER: The X Strike Force shell library ends here. --- libxfont-1.4.1.orig/debian/xsfbs/repack.sh +++ libxfont-1.4.1/debian/xsfbs/repack.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +set -e + +if ! [ -d debian/prune ]; then + exit 0 +fi + +if [ "x$1" != x--upstream-version ]; then + exit 1 +fi + +version="$2" +filename="$3" + +if [ -z "$version" ] || ! [ -f "$filename" ]; then + exit 1 +fi + +dir="$(pwd)" +tempdir="$(mktemp -d)" + +cd "$tempdir" +tar xf "$dir/$filename" +cat "$dir"/debian/prune/* | while read file; do rm -f */$file; done + +tar czf "$dir/$filename" * +cd "$dir" +rm -rf "$tempdir" +echo "Done pruning upstream tarball" + +exit 0 --- libxfont-1.4.1.orig/debian/patches/CVE-2014-0209.patch +++ libxfont-1.4.1/debian/patches/CVE-2014-0209.patch 
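Review bot: `replace_conffile_with_symlink_prepare` and `replace_conffile_with_symlink_rollback` pass `"$_oldconffile"` to `remove_conffile_prepare` and `remove_conffile_rollback`, but the variable assigned just above is `oldconffile`, so both helpers receive an empty path. As written the checksum comparison never sees the real file, the old conffile is copied to the new name whenever it exists, and the rollback looks for `.$THIS_PACKAGE-tmp` in the current directory instead of the file that was moved aside. The calls should read `remove_conffile_prepare "$oldconffile" "$@"` and `remove_conffile_rollback "$oldconffile"`, with `local oldconffile newconffile` declared in both functions so the names do not leak into the maintainer script. Separately, in `migrate_dir_to_symlink` the first `usage_error` line lacks its trailing `\`, so the second string is executed as a command.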
@@ -0,0 +1,43 @@
+Description: fix denial of service and possible code execution via
+ font metadata file parsing
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=2f5e57317339c526e6eaee1010b0e2ab8089c42e
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=05c8020a49416dd8b7510cbba45ce4f3fc81a7dc
+
+Index: libxfont-1.4.1/src/fontfile/dirfile.c
+===================================================================
+--- libxfont-1.4.1.orig/src/fontfile/dirfile.c 2014-05-13 12:30:59.535771040 -0400
++++ libxfont-1.4.1/src/fontfile/dirfile.c 2014-05-13 12:30:59.535771040 -0400
+@@ -45,6 +45,7 @@
+ #include
+ #include
+ #include
++#include
+
+ static Bool AddFileNameAliases ( FontDirectoryPtr dir );
+ static int ReadFontAlias ( char *directory, Bool isFile,
+@@ -377,6 +378,9 @@
+ int nsize;
+ char *nbuf;
+
++ if (tokenSize >= (INT_MAX >> 2))
++ /* Stop before we overflow */
++ return EALLOC;
+ nsize = tokenSize ? (tokenSize << 1) : 64;
+ nbuf = realloc(tokenBuf, nsize);
+ if (!nbuf)
+Index: libxfont-1.4.1/src/fontfile/fontdir.c
+===================================================================
+--- libxfont-1.4.1.orig/src/fontfile/fontdir.c 2014-05-13 12:30:59.535771040 -0400
++++ libxfont-1.4.1/src/fontfile/fontdir.c 2014-05-13 12:30:59.535771040 -0400
+@@ -181,6 +181,11 @@
+ if (table->sorted)
+ return (FontEntryPtr) 0; /* "cannot" happen */
+ if (table->used == table->size) {
++ if (table->size >= ((INT32_MAX / sizeof(FontEntryRec)) - 100))
++ /* If we've read so many entries we're going to ask for 2gb
++ or more of memory, something is so wrong with this font
++ directory that we should just give up before we overflow. */
++ return NULL;
+ newsize = table->size + 100;
+ entry = realloc(table->entries, newsize * sizeof(FontEntryRec));
+ if (!entry)
--- libxfont-1.4.1.orig/debian/patches/CVE-2015-1804.patch
+++ libxfont-1.4.1/debian/patches/CVE-2015-1804.patch
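Review bot: Both added guards (the `tokenSize` check in dirfile.c and the `table->size` check in fontdir.c) are unbraced `if` statements with a comment sitting between the condition and the `return`, which is easy to break when a second statement is added later. Bracing them, e.g. `if (tokenSize >= (INT_MAX >> 2)) { /* Stop before we overflow */ return EALLOC; }`, keeps the overflow guard intact under future edits. The fontdir.c test compares `table->size` with a `size_t` quotient and needs `INT32_MAX` to be defined in that file, neither of which this hunk shows; a one-line comment stating both assumptions would help the next reader. Both functions start and end outside the hunks, so how callers treat `EALLOC` and `NULL` has to be confirmed there.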
@@ -0,0 +1,70 @@
+From 2351c83a77a478b49cba6beb2ad386835e264744 Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith
+Date: Fri, 6 Mar 2015 22:54:58 -0800
+Subject: bdfReadCharacters: ensure metrics fit into xCharInfo struct
+ [CVE-2015-1804]
+
+We use 32-bit ints to read from the bdf file, but then try to stick
+into a 16-bit int in the xCharInfo struct, so make sure they won't
+overflow that range.
+
+Found by afl-1.24b.
+
+v2: Verify that additions won't overflow 32-bit int range either.
+v3: As Julien correctly observes, the previous check for bh & bw not
+ being < 0 reduces the number of cases we need to check for overflow.
+
+Signed-off-by: Alan Coopersmith
+Reviewed-by: Julien Cristau
+
+Index: libxfont-1.4.1/src/bitmap/bdfread.c
+===================================================================
+--- libxfont-1.4.1.orig/src/bitmap/bdfread.c 2015-03-18 07:33:46.638895210 -0400
++++ libxfont-1.4.1/src/bitmap/bdfread.c 2015-03-18 07:33:46.638895210 -0400
+@@ -65,8 +65,16 @@
+
+ #if HAVE_STDINT_H
+ #include
+-#elif !defined(INT32_MAX)
+-#define INT32_MAX 0x7fffffff
++#else
++# ifndef INT32_MAX
++# define INT32_MAX 0x7fffffff
++# endif
++# ifndef INT16_MAX
++# define INT16_MAX 0x7fff
++# endif
++# ifndef INT16_MIN
++# define INT16_MIN (0 - 0x8000)
++# endif
+ #endif
+
+ #define INDICES 256
+@@ -419,6 +427,12 @@
+ bdfError("DWIDTH y value must be zero\n");
+ goto BAILOUT;
+ }
++ /* xCharInfo metrics are stored as INT16 */
++ if ((wx < 0) || (wx > INT16_MAX)) {
++ bdfError("character '%s' has out of range width, %d\n",
++ charName, wx);
++ goto BAILOUT;
++ }
+ line = bdfGetLine(file, lineBuf, BDFLINELEN);
+ if ((!line) || (sscanf((char *) line, "BBX %d %d %d %d", &bw, &bh, &bl, &bb) != 4)) {
+ bdfError("bad 'BBX'\n");
+@@ -429,6 +443,14 @@
+ charName, bw, bh);
+ goto BAILOUT;
+ }
++ /* xCharInfo metrics are read as int, but stored as INT16 */
++ if ((bl > INT16_MAX) || (bl < INT16_MIN) ||
++ (bb > INT16_MAX) || (bb < INT16_MIN) ||
++ (bw > (INT16_MAX - bl)) || (bh > (INT16_MAX - bb))) {
++ bdfError("character '%s' has out of range metrics, %d %d %d %d\n",
++ charName, bl, (bl+bw), (bh+bb), -bb);
++ goto BAILOUT;
++ }
+ line = bdfGetLine(file, lineBuf, BDFLINELEN);
+ if ((line) && (bdfIsPrefix(line, "ATTRIBUTES"))) {
+ for (p = line + strlen("ATTRIBUTES ");
--- libxfont-1.4.1.orig/debian/patches/series
+++ libxfont-1.4.1/debian/patches/series
@@ -0,0 +1,7 @@
+CVE-2011-2895.patch
+CVE-2013-6462.patch
+CVE-2014-0209.patch
+CVE-2014-021x.patch
+CVE-2015-1802.patch
+CVE-2015-1803.patch
+CVE-2015-1804.patch
--- libxfont-1.4.1.orig/debian/patches/CVE-2015-1802.patch
+++ libxfont-1.4.1/debian/patches/CVE-2015-1802.patch
@@ -0,0 +1,27 @@
+From 2deda9906480f9c8ae07b8c2a5510cc7e4c59a8e Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith
+Date: Fri, 6 Feb 2015 15:50:45 -0800
+Subject: bdfReadProperties: property count needs range check [CVE-2015-1802]
+
+Avoid integer overflow or underflow when allocating memory arrays
+by multiplying the number of properties reported for a BDF font.
+
+Reported-by: Ilja Van Sprundel
+Signed-off-by: Alan Coopersmith
+Reviewed-by: Julien Cristau
+
+Index: libxfont-1.4.1/src/bitmap/bdfread.c
+===================================================================
+--- libxfont-1.4.1.orig/src/bitmap/bdfread.c 2015-03-18 07:33:34.698815128 -0400
++++ libxfont-1.4.1/src/bitmap/bdfread.c 2015-03-18 07:33:34.694815101 -0400
+@@ -601,7 +601,9 @@
+ bdfError("missing 'STARTPROPERTIES'\n");
+ return (FALSE);
+ }
+- if (sscanf((char *) line, "STARTPROPERTIES %d", &nProps) != 1) {
++ if ((sscanf((char *) line, "STARTPROPERTIES %d", &nProps) != 1) ||
++ (nProps <= 0) ||
++ (nProps > ((INT32_MAX / sizeof(FontPropRec)) - BDF_GENPROPS))) {
+ bdfError("bad 'STARTPROPERTIES'\n");
+ return (FALSE);
+ }
--- libxfont-1.4.1.orig/debian/patches/CVE-2011-2895.patch
+++ libxfont-1.4.1/debian/patches/CVE-2011-2895.patch
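Review bot: The diagnostic in the new BBX range check evaluates `(bl+bw)`, `(bh+bb)` and `-bb` with exactly the values that just failed validation, so for inputs near `INT_MAX` or `INT_MIN` the error path itself performs the signed overflow the check is meant to prevent; printing the raw fields, `charName, bw, bh, bl, bb`, avoids that. The lower bound on `bb` is also one step too permissive: `bb == INT16_MIN` passes, yet the descent is stored as `-bb` (visible as context in the CVE-2015-1803 patch on this page), which is 32768 and does not fit an INT16, so `(bb < -INT16_MAX)` would be the safer test. The enclosing function starts and ends outside the hunk.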
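Review bot: The new upper bound on `nProps` only rules out arithmetic overflow, so a BDF file of a few bytes can still declare a property count that requests an allocation just under 2 GB; a smaller documented cap, or a comparison against what the file can actually hold, would bound memory use as well. The range test also runs after `sscanf` has already converted the number, and the C standard leaves `%d` conversion of an out-of-range value undefined, so parsing the count with `strtol` and checking `errno == ERANGE` would make the bound reliable. The allocation the commit message refers to is outside the hunk.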
@@ -0,0 +1,16 @@
+Description: fix arbitrary code execution via overflow
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
+
+Index: libxfont-1.4.1/src/fontfile/decompress.c
+===================================================================
+--- libxfont-1.4.1.orig/src/fontfile/decompress.c 2011-08-11 10:31:25.028977325 -0400
++++ libxfont-1.4.1/src/fontfile/decompress.c 2011-08-11 10:31:36.578977323 -0400
+@@ -261,6 +261,8 @@
+ */
+ while ( code >= 256 )
+ {
++ if (stackp - de_stack >= STACK_SIZE - 1)
++ return BUFFILEEOF;
+ *stackp++ = file->tab_suffix[code];
+ code = file->tab_prefix[code];
+ }
--- libxfont-1.4.1.orig/debian/patches/CVE-2013-6462.patch
+++ libxfont-1.4.1/debian/patches/CVE-2013-6462.patch
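Review bot: The added bounds check carries no comment and reports a corrupt stream as `BUFFILEEOF`, which a caller cannot tell apart from a normal end of file, so a damaged or hostile compressed font shows up as a silently short file rather than an error. A one-line comment such as `/* corrupt code table: prefix chain longer than de_stack */` would record why the loop can run away. If the buffered-file layer offers a distinct error return (not visible in this hunk), it would be the better value here. The enclosing function starts and ends outside the hunk.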
@@ -0,0 +1,30 @@
+From aeabb3efa6905e11c479e2e5319f2b6b3ab22009 Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith
+Date: Mon, 23 Dec 2013 18:34:02 -0800
+Subject: [PATCH:libXfont 1/2] CVE-2013-XXXX: unlimited sscanf can overflow
+ stack buffer in bdfReadCharacters()
+
+Fixes cppcheck warning:
+ [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
+ scanf without field width limits can crash with huge input data.
+
+Signed-off-by: Alan Coopersmith
+Reviewed-by: Matthieu Herrb
+Reviewed-by: Jeremy Huddleston Sequoia
+---
+ src/bitmap/bdfread.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: libxfont-1.4.1/src/bitmap/bdfread.c
+===================================================================
+--- libxfont-1.4.1.orig/src/bitmap/bdfread.c 2013-12-30 17:39:16.644975857 -0500
++++ libxfont-1.4.1/src/bitmap/bdfread.c 2013-12-30 17:39:16.640975857 -0500
+@@ -341,7 +341,7 @@
+ char charName[100];
+ int ignore;
+
+- if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) {
++ if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) {
+ bdfError("bad character name in BDF file\n");
+ goto BAILOUT; /* bottom of function, free and return error */
+ }
--- libxfont-1.4.1.orig/debian/patches/CVE-2015-1803.patch
+++ libxfont-1.4.1/debian/patches/CVE-2015-1803.patch
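Review bot: The field width `99` in the new format string is tied to `char charName[100]` only by convention, so a later change to the array size silently turns the `sscanf` back into a stack overflow. A comment on the declaration, `/* size must stay in sync with the %99s in the STARTCHAR sscanf below */`, or deriving both numbers from one macro, keeps the two coupled. The surrounding function extends beyond the hunk.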
@@ -0,0 +1,30 @@
+From 78c2e3d70d29698244f70164428bd2868c0ab34c Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith
+Date: Fri, 6 Feb 2015 15:54:00 -0800
+Subject: bdfReadCharacters: bailout if a char's bitmap cannot be read
+ [CVE-2015-1803]
+
+Previously would charge on ahead with a NULL pointer in ci->bits, and
+then crash later in FontCharInkMetrics() trying to access the bits.
+
+Found with afl-1.23b.
+
+Signed-off-by: Alan Coopersmith
+Reviewed-by: Julien Cristau
+
+Index: libxfont-1.4.1/src/bitmap/bdfread.c
+===================================================================
+--- libxfont-1.4.1.orig/src/bitmap/bdfread.c 2015-03-18 07:33:40.854856415 -0400
++++ libxfont-1.4.1/src/bitmap/bdfread.c 2015-03-18 07:33:40.854856415 -0400
+@@ -460,7 +460,10 @@
+ ci->metrics.descent = -bb;
+ ci->metrics.characterWidth = wx;
+ ci->bits = NULL;
+- bdfReadBitmap(ci, file, bit, byte, glyph, scan, bitmapsSizes);
++ if (!bdfReadBitmap(ci, file, bit, byte, glyph, scan, bitmapsSizes)) {
++ bdfError("could not read bitmap for character '%s'\n", charName);
++ goto BAILOUT;
++ }
+ ci++;
+ ndx++;
+ } else
--- libxfont-1.4.1.orig/debian/patches/CVE-2014-021x.patch
+++ libxfont-1.4.1/debian/patches/CVE-2014-021x.patch
@@ -0,0 +1,549 @@
+Description: fix denial of service and possible code execution via
+ xfs font server replies
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=891e084b26837162b12f841060086a105edde86d
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=cbb64aef35960b2882be721f4b8fbaa0fb649d12
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=0f1a5d372c143f91a602bdf10c917d7eabaee09b
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=491291cabf78efdeec8f18b09e14726a9030cc8f
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=c578408c1fd4db09e4e3173f8a9e65c81cc187c1
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=a42f707f8a62973f5e8bbcd08afb10a79e9cee33
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=a3f21421537620fc4e1f844a594a4bcd9f7e2bd8
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=520683652564c2a4e42328ae23eef9bb63271565
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5fa73ac18474be3032ee7af9c6e29deab163ea39
+Origin: upstream, http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d338f81df1e188eb16e1d6aeea7f4800f89c1218
+
+Index: libxfont-1.4.1/src/fc/fsconvert.c
+===================================================================
+--- libxfont-1.4.1.orig/src/fc/fsconvert.c 2014-05-13 12:31:10.943771345 -0400
++++ libxfont-1.4.1/src/fc/fsconvert.c 2014-05-13 12:31:10.935771345 -0400
+@@ -120,6 +120,10 @@
+ for (i = 0; i < nprops; i++, dprop++, is_str++)
+ {
+ memcpy(&local_off, off_adr, SIZEOF(fsPropOffset));
++ if ((local_off.name.position >= pi->data_len) ||
++ (local_off.name.length >
++ (pi->data_len - local_off.name.position)))
++ goto bail;
+ dprop->name = MakeAtom(&pdc[local_off.name.position],
+ local_off.name.length, 1);
+ if (local_off.type != PropTypeString) {
+@@ -127,10 +131,15 @@
+ dprop->value = local_off.value.position;
+ } else {
+ *is_str = TRUE;
++ if ((local_off.value.position >= pi->data_len) ||
++ (local_off.value.length >
++ (pi->data_len - local_off.value.position)))
++ goto bail;
+ dprop->value = (INT32) MakeAtom(&pdc[local_off.value.position],
+ local_off.value.length, 1);
+ if (dprop->value == BAD_RESOURCE)
+ {
++ bail:
+ free (pfi->props);
+ pfi->nprops = 0;
+ pfi->props = 0;
+@@ -714,7 +723,12 @@
+ FSGlyphPtr glyphs;
+ FSFontPtr fsfont = (FSFontPtr) pFont->fontPrivate;
+
+- glyphs = malloc (sizeof (FSGlyphRec) + size);
++ if (size < (INT_MAX - sizeof (FSGlyphRec)))
++ glyphs = malloc (sizeof (FSGlyphRec) + size);
++ else
++ glyphs = NULL;
++ if (glyphs == NULL)
++ return NULL;
+ glyphs->next = fsfont->glyphs;
+ fsfont->glyphs = glyphs;
+ return (pointer) (glyphs + 1);
+Index: libxfont-1.4.1/src/fc/fserve.c
+===================================================================
+--- libxfont-1.4.1.orig/src/fc/fserve.c 2014-05-13 12:31:10.943771345 -0400
++++ libxfont-1.4.1/src/fc/fserve.c 2014-05-13 12:31:10.935771345 -0400
+@@ -73,6 +73,7 @@
+ #include "fservestr.h"
+ #include
+ #include
++#include
+
+ #include
+ #define Time_t time_t
+@@ -94,6 +95,15 @@
+ (pci)->descent || \
+ (pci)->characterWidth)
+
++/*
++ * SIZEOF(r) is in bytes, length fields in the protocol are in 32-bit words,
++ * so this converts for doing size comparisons.
++ */
++#define LENGTHOF(r) (SIZEOF(r) >> 2)
++
++/* Somewhat arbitrary limit on maximum reply size we'll try to read. */
++#define MAX_REPLY_LENGTH ((64 * 1024 * 1024) >> 2)
++
+ extern void ErrorF(const char *f, ...);
+
+ static int fs_read_glyphs ( FontPathElementPtr fpe, FSBlockDataPtr blockrec );
+@@ -209,9 +219,22 @@
+ rep->sequenceNumber,
+ conn->reqbuffer[i].opcode);
+ }
++
++#define _fs_reply_failed(rep, name, op) do { \
++ if (rep) { \
++ if (rep->type == FS_Error) \
++ fprintf (stderr, "Error: %d Request: %s\n", \
++ ((fsError *)rep)->request, #name); \
++ else \
++ fprintf (stderr, "Bad Length for %s Reply: %d %s %d\n", \
++ #name, rep->length, op, LENGTHOF(name)); \
++ } \
++} while (0)
++
+ #else
+ #define _fs_add_req_log(conn,op) ((conn)->current_seq++)
+ #define _fs_add_rep_log(conn,rep)
++#define _fs_reply_failed(rep,name,op)
+ #endif
+
+ static Bool
+@@ -603,6 +626,21 @@
+
+ rep = (fsGenericReply *) buf;
+
++ /*
++ * Refuse to accept replies longer than a maximum reasonable length,
++ * before we pass to _fs_start_read, since it will try to resize the
++ * incoming connection buffer to this size. Also avoids integer overflow
++ * on 32-bit systems.
++ */
++ if (rep->length > MAX_REPLY_LENGTH)
++ {
++ ErrorF("fserve: reply length %d > MAX_REPLY_LENGTH, disconnecting"
++ " from font server\n", rep->length);
++ _fs_connection_died (conn);
++ *error = FSIO_ERROR;
++ return 0;
++ }
++
+ ret = _fs_start_read (conn, rep->length << 2, &buf);
+ if (ret != FSIO_READY)
+ {
+@@ -685,13 +723,15 @@
+ int ret;
+
+ rep = (fsOpenBitmapFontReply *) fs_get_reply (conn, &ret);
+- if (!rep || rep->type == FS_Error)
++ if (!rep || rep->type == FS_Error ||
++ (rep->length != LENGTHOF(fsOpenBitmapFontReply)))
+ {
+ if (ret == FSIO_BLOCK)
+ return StillWorking;
+ if (rep)
+ _fs_done_read (conn, rep->length << 2);
+ fs_cleanup_bfont (bfont);
++ _fs_reply_failed (rep, fsOpenBitmapFontReply, "!=");
+ return BadFontName;
+ }
+
+@@ -818,6 +858,7 @@
+ FSFpePtr conn = (FSFpePtr) fpe->private;
+ fsQueryXInfoReply *rep;
+ char *buf;
++ long bufleft; /* length of reply left to use */
+ fsPropInfo *pi;
+ fsPropOffset *po;
+ pointer pd;
+@@ -827,13 +868,15 @@
+ int ret;
+
+ rep = (fsQueryXInfoReply *) fs_get_reply (conn, &ret);
+- if (!rep || rep->type == FS_Error)
++ if (!rep || rep->type == FS_Error ||
++ (rep->length < LENGTHOF(fsQueryXInfoReply)))
+ {
+ if (ret == FSIO_BLOCK)
+ return StillWorking;
+ if (rep)
+ _fs_done_read (conn, rep->length << 2);
+ fs_cleanup_bfont (bfont);
++ _fs_reply_failed (rep, fsQueryXInfoReply, "<");
+ return BadFontName;
+ }
+
+@@ -847,6 +890,9 @@
+ buf = (char *) rep;
+ buf += SIZEOF(fsQueryXInfoReply);
+
++ bufleft = rep->length << 2;
++ bufleft -= SIZEOF(fsQueryXInfoReply);
++
+ /* move the data over */
+ fsUnpack_XFontInfoHeader(rep, pInfo);
+
+@@ -854,17 +900,50 @@
+ _fs_init_fontinfo(conn, pInfo);
+
+ /* Compute offsets into the reply */
++ if (bufleft < SIZEOF(fsPropInfo))
++ {
++ ret = -1;
++#ifdef DEBUG
++ fprintf(stderr, "fsQueryXInfo: bufleft (%ld) < SIZEOF(fsPropInfo)\n",
++ bufleft);
++#endif
++ goto bail;
++ }
+ pi = (fsPropInfo *) buf;
+ buf += SIZEOF (fsPropInfo);
++ bufleft -= SIZEOF(fsPropInfo);
+
++ if ((bufleft / SIZEOF(fsPropOffset)) < pi->num_offsets)
++ {
++ ret = -1;
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsQueryXInfo: bufleft (%ld) / SIZEOF(fsPropOffset) < %d\n",
++ bufleft, pi->num_offsets);
++#endif
++ goto bail;
++ }
+ po = (fsPropOffset *) buf;
+ buf += pi->num_offsets * SIZEOF(fsPropOffset);
++ bufleft -= pi->num_offsets * SIZEOF(fsPropOffset);
+
++ if (bufleft < pi->data_len)
++ {
++ ret = -1;
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsQueryXInfo: bufleft (%ld) < data_len (%d)\n",
++ bufleft, pi->data_len);
++#endif
++ goto bail;
++ }
+ pd = (pointer) buf;
+ buf += pi->data_len;
++ bufleft -= pi->data_len;
+
+ /* convert the properties and step over the reply */
+ ret = _fs_convert_props(pi, po, pd, pInfo);
++ bail:
+ _fs_done_read (conn, rep->length << 2);
+
+ if (ret == -1)
+@@ -954,13 +1033,15 @@
+ FontInfoRec *fi = &bfont->pfont->info;
+
+ rep = (fsQueryXExtents16Reply *) fs_get_reply (conn, &ret);
+- if (!rep || rep->type == FS_Error)
++ if (!rep || rep->type == FS_Error ||
++ (rep->length < LENGTHOF(fsQueryXExtents16Reply)))
+ {
+ if (ret == FSIO_BLOCK)
+ return StillWorking;
+ if (rep)
+ _fs_done_read (conn, rep->length << 2);
+ fs_cleanup_bfont (bfont);
++ _fs_reply_failed (rep, fsQueryXExtents16Reply, "<");
+ return BadFontName;
+ }
+
+@@ -973,7 +1054,26 @@
+ numInfos *= 2;
+ haveInk = TRUE;
+ }
+- ci = pCI = malloc(sizeof(CharInfoRec) * numInfos);
++ if (numInfos >= (INT_MAX / sizeof(CharInfoRec))) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsQueryXExtents16: numInfos (%d) >= %ld\n",
++ numInfos, (INT_MAX / sizeof(CharInfoRec)));
++#endif
++ pCI = NULL;
++ }
++ else if (numExtents > ((rep->length - LENGTHOF(fsQueryXExtents16Reply))
++ / LENGTHOF(fsXCharInfo))) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsQueryXExtents16: numExtents (%d) > (%d - %d) / %d\n",
++ numExtents, rep->length,
++ LENGTHOF(fsQueryXExtents16Reply), LENGTHOF(fsXCharInfo));
++#endif
++ pCI = NULL;
++ }
++ else
++ pCI = malloc(sizeof(CharInfoRec) * numInfos);
+
+ if (!pCI)
+ {
+@@ -1812,6 +1912,7 @@
+ FontInfoPtr pfi = &pfont->info;
+ fsQueryXBitmaps16Reply *rep;
+ char *buf;
++ long bufleft; /* length of reply left to use */
+ fsOffset32 *ppbits;
+ fsOffset32 local_off;
+ char *off_adr;
+@@ -1828,22 +1929,48 @@
+ unsigned long minchar, maxchar;
+
+ rep = (fsQueryXBitmaps16Reply *) fs_get_reply (conn, &ret);
+- if (!rep || rep->type == FS_Error)
++ if (!rep || rep->type == FS_Error ||
++ (rep->length < LENGTHOF(fsQueryXBitmaps16Reply)))
+ {
+ if (ret == FSIO_BLOCK)
+ return StillWorking;
+ if (rep)
+ _fs_done_read (conn, rep->length << 2);
+ err = AllocError;
++ _fs_reply_failed (rep, fsQueryXBitmaps16Reply, "<");
+ goto bail;
+ }
+
+ buf = (char *) rep;
+ buf += SIZEOF (fsQueryXBitmaps16Reply);
+
++ bufleft = rep->length << 2;
++ bufleft -= SIZEOF (fsQueryXBitmaps16Reply);
++
++ if ((bufleft / SIZEOF (fsOffset32)) < rep->num_chars)
++ {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsQueryXBitmaps16: num_chars (%d) > bufleft (%ld) / %d\n",
++ rep->num_chars, bufleft, SIZEOF (fsOffset32));
++#endif
++ err = AllocError;
++ goto bail;
++ }
+ ppbits = (fsOffset32 *) buf;
+ buf += SIZEOF (fsOffset32) * (rep->num_chars);
++ bufleft -= SIZEOF (fsOffset32) * (rep->num_chars);
+
++ if (bufleft < rep->nbytes)
++ {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsQueryXBitmaps16: nbytes (%d) > bufleft (%ld)\n",
++ rep->nbytes, bufleft);
++#endif
++ err = AllocError;
++ goto bail;
++ }
+ pbitmaps = (pointer ) buf;
+
+ if (blockrec->type == FS_LOAD_GLYPHS)
+@@ -1901,7 +2028,9 @@
+ */
+ if (NONZEROMETRICS(&fsdata->encoding[minchar].metrics))
+ {
+- if (local_off.length)
++ if (local_off.length &&
++ (local_off.position < rep->nbytes) &&
++ (local_off.length <= (rep->nbytes - local_off.position)))
+ {
+ bits = allbits;
+ allbits += local_off.length;
+@@ -2231,31 +2360,48 @@
+ FSBlockedListPtr blist = (FSBlockedListPtr) blockrec->data;
+ fsListFontsReply *rep;
+ char *data;
++ long dataleft; /* length of reply left to use */
+ int length,
+ i,
+ ret;
+ int err;
+
+ rep = (fsListFontsReply *) fs_get_reply (conn, &ret);
+- if (!rep || rep->type == FS_Error)
++ if (!rep || rep->type == FS_Error ||
++ (rep->length < LENGTHOF(fsListFontsReply)))
+ {
+ if (ret == FSIO_BLOCK)
+ return StillWorking;
+ if (rep)
+ _fs_done_read (conn, rep->length << 2);
++ _fs_reply_failed (rep, fsListFontsReply, "<");
+ return AllocError;
+ }
+ data = (char *) rep + SIZEOF (fsListFontsReply);
++ dataleft = (rep->length << 2) - SIZEOF (fsListFontsReply);
+
+ err = Successful;
+ /* copy data into FontPathRecord */
+ for (i = 0; i < rep->nFonts; i++)
+ {
++ if (dataleft < 1)
++ break;
+ length = *(unsigned char *)data++;
++ dataleft--; /* used length byte */
++ if (length > dataleft) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsListFonts: name length (%d) > dataleft (%ld)\n",
++ length, dataleft);
++#endif
++ err = BadFontName;
++ break;
++ }
+ err = AddFontNamesName(blist->names, data, length);
+ if (err != Successful)
+ break;
+ data += length;
++ dataleft -= length;
+ }
+ _fs_done_read (conn, rep->length << 2);
+ return err;
+@@ -2350,6 +2496,7 @@
+ FSBlockedListInfoPtr binfo = (FSBlockedListInfoPtr) blockrec->data;
+ fsListFontsWithXInfoReply *rep;
+ char *buf;
++ long bufleft;
+ FSFpePtr conn = (FSFpePtr) fpe->private;
+ fsPropInfo *pi;
+ fsPropOffset *po;
+@@ -2361,12 +2508,15 @@
+ _fs_free_props (&binfo->info);
+
+ rep = (fsListFontsWithXInfoReply *) fs_get_reply (conn, &ret);
+- if (!rep || rep->type == FS_Error)
++ if (!rep || rep->type == FS_Error ||
++ ((rep->nameLength != 0) &&
++ (rep->length < LENGTHOF(fsListFontsWithXInfoReply))))
+ {
+ if (ret == FSIO_BLOCK)
+ return StillWorking;
+ binfo->status = FS_LFWI_FINISHED;
+ err = AllocError;
++ _fs_reply_failed (rep, fsListFontsWithXInfoReply, "<");
+ goto done;
+ }
+ /*
+@@ -2383,6 +2533,7 @@
+ }
+
+ buf = (char *) rep + SIZEOF (fsListFontsWithXInfoReply);
++ bufleft = (rep->length << 2) - SIZEOF (fsListFontsWithXInfoReply);
+
+ /*
+ * The original FS implementation didn't match
+@@ -2391,19 +2542,71 @@
+ */
+ if (conn->fsMajorVersion <= 1)
+ {
++ if (rep->nameLength > bufleft) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsListFontsWithXInfo: name length (%d) > bufleft (%ld)\n",
++ (int) rep->nameLength, bufleft);
++#endif
++ err = AllocError;
++ goto done;
++ }
++ /* binfo->name is a 256 char array, rep->nameLength is a CARD8 */
+ memcpy (binfo->name, buf, rep->nameLength);
+ buf += _fs_pad_length (rep->nameLength);
++ bufleft -= _fs_pad_length (rep->nameLength);
+ }
+ pi = (fsPropInfo *) buf;
++ if (SIZEOF (fsPropInfo) > bufleft) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsListFontsWithXInfo: PropInfo length (%d) > bufleft (%ld)\n",
++ (int) SIZEOF (fsPropInfo), bufleft);
++#endif
++ err = AllocError;
++ goto done;
++ }
++ bufleft -= SIZEOF (fsPropInfo);
+ buf += SIZEOF (fsPropInfo);
+ po = (fsPropOffset *) buf;
++ if (pi->num_offsets > (bufleft / SIZEOF (fsPropOffset))) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsListFontsWithXInfo: offset length (%d * %d) > bufleft (%ld)\n",
++ pi->num_offsets, (int) SIZEOF (fsPropOffset), bufleft);
++#endif
++ err = AllocError;
++ goto done;
++ }
++ bufleft -= pi->num_offsets * SIZEOF (fsPropOffset);
+ buf += pi->num_offsets * SIZEOF (fsPropOffset);
+ pd = (pointer) buf;
++ if (pi->data_len > bufleft) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsListFontsWithXInfo: data length (%d) > bufleft (%ld)\n",
++ pi->data_len, bufleft);
++#endif
++ err = AllocError;
++ goto done;
++ }
++ bufleft -= pi->data_len;
+ buf += pi->data_len;
+ if (conn->fsMajorVersion > 1)
+ {
++ if (rep->nameLength > bufleft) {
++#ifdef DEBUG
++ fprintf(stderr,
++ "fsListFontsWithXInfo: name length (%d) > bufleft (%ld)\n",
++ (int) rep->nameLength, bufleft);
++#endif
++ err = AllocError;
++ goto done;
++ }
++ /* binfo->name is a 256 char array, rep->nameLength is a CARD8 */
+ memcpy (binfo->name, buf, rep->nameLength);
+ buf += _fs_pad_length (rep->nameLength);
++ bufleft -= _fs_pad_length (rep->nameLength);
+ }
+
+ #ifdef DEBUG
+@@ -2789,7 +2992,7 @@
+ int ret = FSIO_ERROR;
+ fsConnSetup *setup;
+ FSFpeAltPtr alts;
+- int i, alt_len;
++ unsigned int i, alt_len;
+ int setup_len;
+ char *alt_save, *alt_names;
+
+@@ -2816,8 +3019,9 @@
+ }
+ if (setup->num_alternates)
+ {
++ size_t alt_name_len = setup->alternate_len << 2;
+ alts = malloc (setup->num_alternates * sizeof (FSFpeAltRec) +
+- (setup->alternate_len << 2));
++ alt_name_len);
+ if (alts)
+ {
+ alt_names = (char *) (setup + 1);
+@@ -2826,10 +3030,25 @@
+ {
+ alts[i].subset = alt_names[0];
+ alt_len = alt_names[1];
++ if (alt_len >= alt_name_len) {
++ /*
++ * Length is longer than setup->alternate_len
++ * told us to allocate room for, assume entire
++ * alternate list is corrupted.
++ */
++#ifdef DEBUG
++ fprintf (stderr,
++ "invalid alt list (length %lx >= %lx)\n",
++ (long) alt_len, (long) alt_name_len);
++#endif
++ free(alts);
++ return FSIO_ERROR;
++ }
+ alts[i].name = alt_save;
+ memcpy (alt_save, alt_names + 2, alt_len);
+ alt_save[alt_len] = '\0';
+ alt_save += alt_len + 1;
++ alt_name_len -= alt_len + 1;
+ alt_names += _fs_pad_length (alt_len + 2);
+ }
+ conn->numAlts = setup->num_alternates;
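Review bot: In the alternate-server loop at the end of the fserve.c changes, `alt_name_len` is reduced by `alt_len + 1` (bytes written to `alt_save`) while `alt_names` advances by `_fs_pad_length (alt_len + 2)` (bytes read), so the new `alt_len >= alt_name_len` test bounds the destination but not the source. If the alternate list occupies `setup->alternate_len << 2` bytes of the setup reply, as the allocation suggests, a list of many short entries can still move `alt_names` past that region; a second counter for the unread source bytes closes the gap. Separately, `alt_names` is a plain `char *`, so where `char` is signed a length byte of 128 or more turns into a very large `unsigned int` and a valid list is rejected as corrupt; reading it through `(unsigned char)` avoids that. The function begins outside these hunks, so how much of the reply is actually in the buffer should be confirmed there.

```c
size_t alt_name_len = setup->alternate_len << 2;
size_t alt_src_left = alt_name_len;   /* unread bytes of the alternate list */
/* … unchanged: malloc of alts, alt_names/alt_save setup, loop header … */
if (alt_src_left < 2) {
    free(alts);
    return FSIO_ERROR;
}
alts[i].subset = alt_names[0];
alt_len = (unsigned char) alt_names[1];
if (alt_len >= alt_name_len ||
    _fs_pad_length (alt_len + 2) > alt_src_left) {
    /* … unchanged: corrupted-list comment and DEBUG fprintf … */
    free(alts);
    return FSIO_ERROR;
}
/* … unchanged: name copy, alt_save and alt_name_len updates … */
alt_src_left -= _fs_pad_length (alt_len + 2);
alt_names += _fs_pad_length (alt_len + 2);
```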