Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package xauth for openSUSE:Factory checked in at 2021-12-01 20:46:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xauth (Old) and /work/SRC/openSUSE:Factory/.xauth.new.31177 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xauth" Wed Dec 1 20:46:56 2021 rev:11 rq:934583 version:1.1.1 Changes: -------- --- /work/SRC/openSUSE:Factory/xauth/xauth.changes 2021-03-17 20:13:56.106823823 +0100 +++ /work/SRC/openSUSE:Factory/.xauth.new.31177/xauth.changes 2021-12-02 02:28:33.619922225 +0100 @@ -1,0 +2,7 @@ +Mon Nov 29 15:29:09 UTC 2021 - Stefan Dirsch <sndir...@suse.com> + +- update to version 1.1.1 + * This is a minor bugfix release, including fixes for reported + crashes. + +------------------------------------------------------------------- Old: ---- xauth-1.1.tar.bz2 New: ---- xauth-1.1.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xauth.spec ++++++ --- /var/tmp/diff_new_pack.AhNkNy/_old 2021-12-02 02:28:34.039920775 +0100 +++ /var/tmp/diff_new_pack.AhNkNy/_new 2021-12-02 02:28:34.039920775 +0100 @@ -17,7 +17,7 @@ Name: xauth -Version: 1.1 +Version: 1.1.1 Release: 0 Summary: Utility to edit and display the X authorization information License: MIT ++++++ xauth-1.1.tar.bz2 -> xauth-1.1.1.tar.bz2 ++++++ ++++ 3987 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/ChangeLog new/xauth-1.1.1/ChangeLog --- old/xauth-1.1/ChangeLog 2019-07-11 20:55:33.000000000 +0200 +++ new/xauth-1.1.1/ChangeLog 2021-11-29 00:34:06.000000000 +0100 @@ -1,3 +1,140 @@ +commit 477307d00c1220f8594622e1af982fb0e4e215bf +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Sun Nov 28 15:32:37 2021 -0800 + + xauth 1.1.1 + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit 1bfa5bff47654213f1d40af64bae0e9e23b4bed4 +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Sun Nov 28 15:03:37 2021 -0800 + + Fix spelling/wording issues + + Found by using: + codespell --builtin clear,rare,usage,informal,code,names + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit c2811c953620cf946269db2b74b29e0dc707e26a +Author: Alex Gendin <ukke...@gmail.com> +Date: Sat Sep 26 23:26:07 2020 -0400 + + Fix segfault when X starts + + This patch potentially fixes bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884934 + + System log entries when this bug occurs: + kernel: xauth[16729]: segfault at 1 ip 00007f51f517f5a5 sp 00007ffdec846568 error 4 + in libc-2.31.so[7f51f5102000+144000] + kernel: Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0 + 0f 49 29 d0 48 8d 7c 17 31 e9 8f 0b 00 00 66 0f ef c0 <f3> 0f 6f 0e f3 + 0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f + + This bug happens when function get_address_info() in gethost.c is called + with a display name without forward slash, for example 'myhost.mydomain:0' + +commit d7e5021416444e3cc545ffa4f8d1e613cabec633 +Author: Karol Herbst <kher...@redhat.com> +Date: Thu Apr 22 13:26:50 2021 +0200 + + Check malloc calls in process.c + + Fixes warnings like + + warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'authdata' where non-null expected + + Found-by: gcc static analysis + Signed-off-by: Karol Herbst <kher...@redhat.com> + +commit 18a3c3a7672ff5d65bf0b79b89464eac7540b95b +Author: Dr. Tilmann Bubeck <tilm...@bubecks.de> +Date: Thu Aug 20 20:28:52 2020 +0200 + + Additionally check socket file with S_ISSOCK + This fixes bug https://bugzilla.redhat.com/show_bug.cgi?id=1870201 + +commit aaf037ec5c576e46318935feaf6e2b7407ff11a0 +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Sun May 10 13:21:50 2020 -0700 + + Avoid memory leaks in error paths in do_generate + + Reported by Oracle Parfait: + Error: Memory leak + Memory leak [memory-leak] (CWE 401): + Memory leak of pointer authdata allocated with malloc((authdatalen - 1)) + at line 1955 of process.c in function 'do_generate'. + authdata allocated at line 1946 with malloc((authdatalen - 1)) + Memory leak of pointer authdata allocated with malloc((authdatalen - 1)) + at line 1971 of process.c in function 'do_generate'. + authdata allocated at line 1946 with malloc((authdatalen - 1)) + authdata leaks when (i + 1) >= argc at line 1910. + at line 1980 of process.c in function 'do_generate'. + authdata allocated at line 1946 with malloc((authdatalen - 1)) + authdata leaks when (i + 1) >= argc at line 1910. + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit 4faf0f63f0563513252967a2da1c51de6f5f7b0c +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Sun May 10 11:46:16 2020 -0700 + + Use reallocarray() when adding members to array in split_into_words() + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit af7a74e28b33c18c4cb90f0d25bdfd5dff2e29d3 +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Sun May 10 11:27:25 2020 -0700 + + Avoid memory leak when realloc() fails in split_into_words() + + Reported by Oracle Parfait: + Error: Memory leak + Memory leak [memory-leak] (CWE 401): + Memory leak of pointer argv allocated with malloc(32) + at line 283 of process.c in function 'split_into_words'. + argv allocated at line 264 with malloc(32) + argv leaks when cur == total at line 280. + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit f5af3b21bc94cb020f3530c3cc70f8a9fd6c6452 +Author: Tobias Stoeckmann <tob...@stoeckmann.org> +Date: Sun May 3 12:29:53 2020 +0200 + + Prevent OOB write with long file names. + + If an -f argument is exactly 1022 characters in size, an off-by-one + stack overflow happens in auth_finalize. The overflow could be even + larger if locks are ignored for authentication files. + + Make sure that a given authentication file name fits into temporary + buffer and that this buffer matches buffer sizes of libXau which is + used by xauth. + +commit cb98d3b3c5e0f8a7585ab6e2c909fad68c52fd55 +Author: Tobias Stoeckmann <tob...@stoeckmann.org> +Date: Sun May 3 12:25:21 2020 +0200 + + Fix segmentation fault on invalid add argument. + + The hex key supplied with an add command can be quoted, in which + case the quotation marks are removed. + + The check itself makes sure that a given string starts with a + double quotation mark and ends with a double quotation mark. + + Buf if only " is supplied, the code crashes because it subtracts + 2 from the length (which is 1) and therefore copies too much + memory into a 0 allocated memory area. + + Proof of concept: + + $ xauth add :0 0 \" + commit e97992671b3870878709a1c01991488965b61b94 Author: Adam Jackson <a...@redhat.com> Date: Thu Jul 11 13:49:26 2019 -0400 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/README.md new/xauth-1.1.1/README.md --- old/xauth-1.1/README.md 2019-07-11 20:55:28.000000000 +0200 +++ new/xauth-1.1.1/README.md 2021-11-29 00:33:47.000000000 +0100 @@ -22,7 +22,7 @@ https://lists.x.org/mailman/listinfo/xorg -The master development code repository can be found at: +The primary development code repository can be found at: https://gitlab.freedesktop.org/xorg/app/xauth diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/compile new/xauth-1.1.1/compile --- old/xauth-1.1/compile 2019-07-11 20:55:31.000000000 +0200 +++ new/xauth-1.1.1/compile 2021-11-29 00:33:54.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2018 Free Software Foundation, Inc. +# Copyright (C) 1999-2020 Free Software Foundation, Inc. # Written by Tom Tromey <tro...@cygnus.com>. # # This program is free software; you can redistribute it and/or modify @@ -53,7 +53,7 @@ MINGW*) file_conv=mingw ;; - CYGWIN*) + CYGWIN* | MSYS*) file_conv=cygwin ;; *) @@ -67,7 +67,7 @@ mingw/*) file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` ;; - cygwin/*) + cygwin/* | msys/*) file=`cygpath -m "$file" || echo "$file"` ;; wine/*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/config.h.in new/xauth-1.1.1/config.h.in --- old/xauth-1.1/config.h.in 2019-07-11 20:55:30.000000000 +0200 +++ new/xauth-1.1.1/config.h.in 2021-11-29 00:33:53.000000000 +0100 @@ -15,6 +15,9 @@ /* Define to 1 if you have the <net/errno.h> header file. */ #undef HAVE_NET_ERRNO_H +/* Define to 1 if you have the `reallocarray' function. */ +#undef HAVE_REALLOCARRAY + /* Define to 1 if the system has the type `socklen_t'. */ #undef HAVE_SOCKLEN_T @@ -24,6 +27,9 @@ /* Define to 1 if you have the <stdlib.h> header file. */ #undef HAVE_STDLIB_H +/* Define to 1 if you have the `strcasecmp' function. */ +#undef HAVE_STRCASECMP + /* Define to 1 if you have the <strings.h> header file. */ #undef HAVE_STRINGS_H diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/configure.ac new/xauth-1.1.1/configure.ac --- old/xauth-1.1/configure.ac 2019-07-11 20:55:28.000000000 +0200 +++ new/xauth-1.1.1/configure.ac 2021-11-29 00:33:47.000000000 +0100 @@ -22,7 +22,7 @@ AC_PREREQ([2.60]) AC_INIT([xauth], - [1.1], + [1.1.1], [https://gitlab.freedesktop.org/xorg/app/xauth/issues], [xauth]) AM_INIT_AUTOMAKE([foreign dist-bzip2]) @@ -42,7 +42,7 @@ AC_CHECK_HEADERS([net/errno.h]) -AC_CHECK_FUNCS([strlcpy]) +AC_CHECK_FUNCS([reallocarray strlcpy]) # Checks for pkg-config packages PKG_CHECK_MODULES(XAUTH, x11 xau xext xmuu xproto >= 7.0.17) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/gethost.c new/xauth-1.1.1/gethost.c --- old/xauth-1.1/gethost.c 2019-07-11 20:55:28.000000000 +0200 +++ new/xauth-1.1.1/gethost.c 2021-11-29 00:33:47.000000000 +0100 @@ -199,17 +199,17 @@ #ifdef HAVE_STRLCPY strlcpy(path, fulldpyname, sizeof(path)); #else - strncpy(path, fulldpyname, sizeof(path)); + strncpy(path, fulldpyname, sizeof(path) - 1); path[sizeof(path) - 1] = '\0'; #endif - if (0 == stat(path, &sbuf)) { + if (0 == stat(path, &sbuf) && S_ISSOCK(sbuf.st_mode) ) { is_path_to_socket = 1; } else { char *dot = strrchr(path, '.'); if (dot) { *dot = '\0'; /* screen = atoi(dot + 1); */ - if (0 == stat(path, &sbuf)) { + if (0 == stat(path, &sbuf) && S_ISSOCK(sbuf.st_mode)) { is_path_to_socket = 1; } } @@ -218,10 +218,11 @@ if (is_path_to_socket) { /* Use the bundle id (part preceding : in the basename) as our src id */ char *c; + c = strrchr(fulldpyname, '/'); #ifdef HAVE_STRLCPY - strlcpy(buf, strrchr(fulldpyname, '/') + 1, sizeof(buf)); + strlcpy(buf, (NULL != c) ? c + 1 : fulldpyname, sizeof(buf)); #else - strncpy(buf, strrchr(fulldpyname, '/') + 1, sizeof(buf)); + strncpy(buf, (NULL != c) ? c + 1 : fulldpyname, sizeof(buf) - 1); buf[sizeof(buf) - 1] = '\0'; #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/man/xauth.man new/xauth-1.1.1/man/xauth.man --- old/xauth-1.1/man/xauth.man 2019-07-11 20:55:28.000000000 +0200 +++ new/xauth-1.1.1/man/xauth.man 2021-11-29 00:33:47.000000000 +0100 @@ -238,10 +238,10 @@ Xau(__libmansuffix__). .SH BUGS .PP -Users that have unsecure networks should take care to use encrypted +Users that have insecure networks should take care to use encrypted file transfer mechanisms to copy authorization entries between machines. Similarly, the \fIMIT-MAGIC-COOKIE-1\fP protocol is not very useful in -unsecure environments. Sites that are interested in additional security +insecure environments. Sites that are interested in additional security may need to use encrypted authorization mechanisms such as Kerberos. .PP Spaces are currently not allowed in the protocol name. Quoting could be diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/missing new/xauth-1.1.1/missing --- old/xauth-1.1/missing 2019-07-11 20:55:31.000000000 +0200 +++ new/xauth-1.1.1/missing 2021-11-29 00:33:54.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1996-2018 Free Software Foundation, Inc. +# Copyright (C) 1996-2020 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard <pin...@iro.umontreal.ca>, 1996. # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/parsedpy.c new/xauth-1.1.1/parsedpy.c --- old/xauth-1.1/parsedpy.c 2019-07-11 20:55:28.000000000 +0200 +++ new/xauth-1.1.1/parsedpy.c 2021-11-29 00:33:47.000000000 +0100 @@ -35,7 +35,7 @@ #include <stdio.h> /* for NULL */ #include <ctype.h> /* for isascii() and isdigit() */ #include <X11/Xos.h> /* for strchr() and string routines */ -#include <X11/Xlib.h> /* for Family contants */ +#include <X11/Xlib.h> /* for Family constants */ #ifdef hpux #include <sys/utsname.h> /* for struct utsname */ #endif @@ -172,7 +172,7 @@ #ifdef HAVE_STRLCPY strlcpy(path, displayname, sizeof(path)); #else - strncpy(path, displayname, sizeof(path)); + strncpy(path, displayname, sizeof(path) - 1); path[sizeof(path) - 1] = '\0'; #endif if (0 == stat(path, &sbuf)) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/process.c new/xauth-1.1.1/process.c --- old/xauth-1.1/process.c 2019-07-11 20:55:28.000000000 +0200 +++ new/xauth-1.1.1/process.c 2021-11-29 00:33:47.000000000 +0100 @@ -37,6 +37,7 @@ #include "xauth.h" #include <ctype.h> #include <errno.h> +#include <stdint.h> #include <sys/stat.h> #ifndef WIN32 #include <sys/socket.h> @@ -251,6 +252,18 @@ return s; } +#ifndef HAVE_REALLOCARRAY +static inline void * +reallocarray(void *optr, size_t nmemb, size_t size) +{ + if ((nmemb > 0) && (SIZE_MAX / nmemb < size)) { + errno = ENOMEM; + return NULL; + } + return realloc(optr, size * nmemb); +} +#endif + static const char ** split_into_words(char *src, int *argcp) /* argvify string */ { @@ -278,9 +291,15 @@ savec = *src; *src = '\0'; if (cur == total) { + const char **new_argv; total += WORDSTOALLOC; - argv = realloc (argv, total * sizeof (char *)); - if (!argv) return NULL; + new_argv = reallocarray (argv, total, sizeof (char *)); + if (new_argv != NULL) { + argv = new_argv; + } else { + free(argv); + return NULL; + } } argv[cur++] = jword; if (savec) src++; /* if not last on line advance */ @@ -633,7 +652,7 @@ static Bool xauth_allowed = True; /* if allowed to write auth file */ static Bool xauth_locked = False; /* if has been locked */ static const char *xauth_filename = NULL; -static volatile Bool dieing = False; +static volatile Bool dying = False; /* poor man's puts(), for under signal handlers, @@ -645,7 +664,7 @@ static void die(int sig) { - dieing = True; + dying = True; _exit (auth_finalize ()); /* NOTREACHED */ } @@ -697,6 +716,10 @@ FILE *authfp; Bool exists; + if (strlen(authfilename) > 1022) { + fprintf (stderr, "%s: authority file name \"%s\" too long\n", + ProgramName, authfilename); + } xauth_filename = authfilename; /* used in cleanup, prevent race with signals */ register_signals (); @@ -854,10 +877,10 @@ int auth_finalize(void) { - char temp_name[1024]; /* large filename size */ + char temp_name[1025]; /* large filename size */ if (xauth_modified) { - if (dieing) { + if (dying) { if (verbose) { /* * called from a signal handler -- printf is *not* reentrant; also @@ -1614,13 +1637,22 @@ hexkey = argv[3]; len = strlen(hexkey); - if (hexkey[0] == '"' && hexkey[len-1] == '"') { + if (len > 1 && hexkey[0] == '"' && hexkey[len-1] == '"') { key = malloc(len-1); + if (!key) { + fprintf(stderr, "unable to allocate memory\n"); + return 1; + } strncpy(key, hexkey+1, len-2); + key[len-1] = '\0'; len -= 2; } else if (!strcmp(protoname, SECURERPC) || !strcmp(protoname, K5AUTH)) { key = malloc(len+1); + if (!key) { + fprintf(stderr, "unable to allocate memory\n"); + return 1; + } strcpy(key, hexkey); } else { len = cvthexkey (hexkey, &key); @@ -1859,10 +1891,10 @@ const char *displayname; int major_version, minor_version; XSecurityAuthorization id_return; - Xauth *auth_in, *auth_return; + Xauth *auth_in = NULL, *auth_return = NULL; XSecurityAuthorizationAttributes attributes; unsigned long attrmask = 0; - Display *dpy; + Display *dpy = NULL; int status; const char *args[4]; const char *protoname = "."; @@ -1870,7 +1902,7 @@ int authdatalen = 0; const char *hexdata; char *authdata = NULL; - char *hex; + char *hex = NULL; if (argc < 2 || !argv[1]) { prefix (inputfilename, lineno); @@ -1889,7 +1921,8 @@ if (++i == argc) { prefix (inputfilename, lineno); badcommandline (argv[i-1]); - return 1; + status = 1; + goto exit_generate; } attributes.timeout = atoi(argv[i]); attrmask |= XSecurityTimeout; @@ -1906,7 +1939,8 @@ if (++i == argc) { prefix (inputfilename, lineno); badcommandline (argv[i-1]); - return 1; + status = 1; + goto exit_generate; } attributes.group = atoi(argv[i]); attrmask |= XSecurityGroup; @@ -1915,13 +1949,20 @@ if (++i == argc) { prefix (inputfilename, lineno); badcommandline (argv[i-1]); - return 1; + status = 1; + goto exit_generate; } hexdata = argv[i]; authdatalen = strlen(hexdata); if (hexdata[0] == '"' && hexdata[authdatalen-1] == '"') { authdata = malloc(authdatalen-1); + if (!authdata) { + fprintf(stderr, "unable to allocate memory\n"); + status = 1; + goto exit_generate; + } strncpy(authdata, hexdata+1, authdatalen-2); + authdata[authdatalen-1] = '\0'; authdatalen -= 2; } else { authdatalen = cvthexkey (hexdata, &authdata); @@ -1929,13 +1970,15 @@ prefix (inputfilename, lineno); fprintf (stderr, "data contains odd number of or non-hex characters\n"); - return 1; + status = 1; + goto exit_generate; } } } else { prefix (inputfilename, lineno); badcommandline (argv[i]); - return 1; + status = 1; + goto exit_generate; } } @@ -1945,7 +1988,8 @@ if (!dpy) { prefix (inputfilename, lineno); fprintf (stderr, "unable to open display \"%s\".\n", displayname); - return 1; + status = 1; + goto exit_generate; } status = XSecurityQueryExtension(dpy, &major_version, &minor_version); @@ -1954,7 +1998,8 @@ prefix (inputfilename, lineno); fprintf (stderr, "couldn't query Security extension on display \"%s\"\n", displayname); - return 1; + status = 1; + goto exit_generate; } /* fill in input Xauth struct */ @@ -1979,7 +2024,8 @@ { prefix (inputfilename, lineno); fprintf (stderr, "couldn't generate authorization\n"); - return 1; + status = 1; + goto exit_generate; } if (verbose) @@ -1994,10 +2040,12 @@ status = do_add(inputfilename, lineno, 4, args); - if (authdata) free(authdata); + exit_generate: + free(authdata); XSecurityFreeXauth(auth_in); XSecurityFreeXauth(auth_return); free(hex); - XCloseDisplay(dpy); + if (dpy != NULL) + XCloseDisplay(dpy); return status; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/test-driver new/xauth-1.1.1/test-driver --- old/xauth-1.1/test-driver 2019-07-11 20:55:31.000000000 +0200 +++ new/xauth-1.1.1/test-driver 2021-11-29 00:33:54.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 2011-2018 Free Software Foundation, Inc. +# Copyright (C) 2011-2020 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -42,11 +42,13 @@ { cat <<END Usage: - test-driver --test-name=NAME --log-file=PATH --trs-file=PATH - [--expect-failure={yes|no}] [--color-tests={yes|no}] - [--enable-hard-errors={yes|no}] [--] + test-driver --test-name NAME --log-file PATH --trs-file PATH + [--expect-failure {yes|no}] [--color-tests {yes|no}] + [--enable-hard-errors {yes|no}] [--] TEST-SCRIPT [TEST-SCRIPT-ARGUMENTS] + The '--test-name', '--log-file' and '--trs-file' options are mandatory. +See the GNU Automake documentation for information. END } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/xauth-1.1/tests/030-xauth-extract.script new/xauth-1.1.1/tests/030-xauth-extract.script --- old/xauth-1.1/tests/030-xauth-extract.script 2019-07-11 20:55:28.000000000 +0200 +++ new/xauth-1.1.1/tests/030-xauth-extract.script 2021-11-29 00:33:47.000000000 +0100 @@ -8,7 +8,7 @@ xauth add examplehost2/unix:0 . b90b0fd1cf6a0e7a2c74c00000000002 xauth add examplehost3/unix:0 . b90b0fd1cf6a0e7a2c74c00000000003 -# Use xauth_silent because otherwise the system dependant pathes are printed +# Use xauth_silent because otherwise the system dependent paths are printed XAUTHORITY2=$DATADIR/.Xauthority2 xauth_silent extract $XAUTHORITY2 examplehost2/unix:0 xauth_silent -f $XAUTHORITY2 list
