CVS commit: [netbsd-7-0] xsrc/external/mit/libX11/dist/src

2018-08-29 Thread Martin Husemann
Module Name:xsrc
Committed By:   martin
Date:   Wed Aug 29 07:55:51 UTC 2018

Modified Files:
xsrc/external/mit/libX11/dist/src [netbsd-7-0]: FontNames.c GetFPath.c
LiHosts.c ListExt.c

Log Message:
Apply patch, requested by mrg in ticket #1635:

xsrc/external/mit/libX11/dist/src/FontNames.c
xsrc/external/mit/libX11/dist/src/GetFPath.c
xsrc/external/mit/libX11/dist/src/LiHosts.c
xsrc/external/mit/libX11/dist/src/ListExt.c

Apply fixes from libX11 1.6.5 for the following vulnerabilities:
Fixed off-by-one writes (CVE-2018-14599)
Validation of server response in XListHosts
Fixed out of boundary write (CVE-2018-14600)
Fixed crash on invalid reply (CVE-2018-14598)
(Backport of upstream git commits b469da1430cdcee06e31c6251b83aede072a1ff0,
 d81da209fd4d0c2c9ad0596a8078e58864479d0d,
 dbf72805fd9d7b1846fe9a11b46f3994bfc27fea,
 e83722768fd5c467ef61fa159e8c6278770b45c2 resp)


To generate a diff of this commit:
cvs rdiff -u -r1.3.4.1 -r1.3.4.2 \
xsrc/external/mit/libX11/dist/src/FontNames.c \
xsrc/external/mit/libX11/dist/src/ListExt.c
cvs rdiff -u -r1.3 -r1.3.4.1 xsrc/external/mit/libX11/dist/src/GetFPath.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.6.1 \
xsrc/external/mit/libX11/dist/src/LiHosts.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: xsrc/external/mit/libX11/dist/src/FontNames.c
diff -u xsrc/external/mit/libX11/dist/src/FontNames.c:1.3.4.1 xsrc/external/mit/libX11/dist/src/FontNames.c:1.3.4.2
--- xsrc/external/mit/libX11/dist/src/FontNames.c:1.3.4.1	Wed Oct  5 09:42:35 2016
+++ xsrc/external/mit/libX11/dist/src/FontNames.c	Wed Aug 29 07:55:51 2018
@@ -86,23 +86,16 @@ int *actualCount)	/* RETURN */
 	/*
 	 * unpack into null terminated strings.
 	 */
-	chend = ch + (rlen + 1);
+	chend = ch + rlen;
 	length = *(unsigned char *)ch;
 	*ch = 1; /* make sure it is non-zero for XFreeFontNames */
 	for (i = 0; i < rep.nFonts; i++) {
 	if (ch + length < chend) {
 		flist[i] = ch + 1;  /* skip over length */
 		ch += length + 1;  /* find next length ... */
-		if (ch <= chend) {
-		length = *(unsigned char *)ch;
-		*ch = '\0';  /* and replace with null-termination */
-		count++;
-		} else {
-Xfree(flist);
-flist = NULL;
-count = 0;
-break;
-		}
+		length = *(unsigned char *)ch;
+		*ch = '\0';  /* and replace with null-termination */
+		count++;
 	} else {
 Xfree(flist);
 flist = NULL;
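Review bot: The store `*ch = '\0'` after `ch += length + 1` can land exactly on `chend`, because the guard `ch + length < chend` still admits `ch + length + 1 == chend`. With `chend = ch + rlen` that byte is index `rlen` of the reply buffer, so the write is in bounds only if the buffer was allocated with at least `rlen + 1` bytes; the allocation is outside this hunk and nothing here records the dependency. I would add a comment above the assignment, for example `/* ch holds rlen + 1 bytes; the spare byte takes the final NUL */`, so a later change to the allocation does not reintroduce the off-by-one. The same invariant applies to the ListExt.c hunk (`rlen`) and the GetFPath.c hunk (`nbytes`). The enclosing function begins and ends outside the hunk.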
Index: xsrc/external/mit/libX11/dist/src/ListExt.c
diff -u xsrc/external/mit/libX11/dist/src/ListExt.c:1.3.4.1 xsrc/external/mit/libX11/dist/src/ListExt.c:1.3.4.2
--- xsrc/external/mit/libX11/dist/src/ListExt.c:1.3.4.1	Wed Oct  5 09:42:35 2016
+++ xsrc/external/mit/libX11/dist/src/ListExt.c	Wed Aug 29 07:55:51 2018
@@ -74,19 +74,20 @@ char **XListExtensions(
 	/*
 	 * unpack into null terminated strings.
 	 */
-	chend = ch + (rlen + 1);
-	length = *ch;
+	chend = ch + rlen;
+	length = *(unsigned char *)ch;
 	for (i = 0; i < rep.nExtensions; i++) {
 		if (ch + length < chend) {
 		list[i] = ch+1;  /* skip over length */
 		ch += length + 1; /* find next length ... */
-		if (ch <= chend) {
-			length = *ch;
-			*ch = '\0'; /* and replace with null-termination */
-			count++;
-		} else {
-			list[i] = NULL;
-		}
+		length = *(unsigned char *)ch;
+		*ch = '\0'; /* and replace with null-termination */
+		count++;
+		} else if (i == 0) {
+		Xfree(list);
+		Xfree(ch);
+		list = NULL;
+		break;
 		} else
 		list[i] = NULL;
 	}
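Review bot: The `Xfree(ch)` in the new `else if (i == 0)` branch is only valid because `ch` has not yet been advanced on the first iteration, and nothing in the code says so. If the branch condition were ever widened to later iterations, it would free a pointer into the middle of the reply buffer. A short comment such as `/* i == 0: ch is still the start of the reply buffer, so it can be freed */` would make that precondition explicit. The branch also leaves `count` untouched, so the returned count relies on its initial value, which is set outside this hunk. The GetFPath.c hunk adds the same branch and would benefit from the same comment.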

Index: xsrc/external/mit/libX11/dist/src/GetFPath.c
diff -u xsrc/external/mit/libX11/dist/src/GetFPath.c:1.3 xsrc/external/mit/libX11/dist/src/GetFPath.c:1.3.4.1
--- xsrc/external/mit/libX11/dist/src/GetFPath.c:1.3	Sun Mar 16 22:48:34 2014
+++ xsrc/external/mit/libX11/dist/src/GetFPath.c	Wed Aug 29 07:55:51 2018
@@ -69,15 +69,20 @@ char **XGetFontPath(
 	/*
 	 * unpack into null terminated strings.
 	 */
-	chend = ch + (nbytes + 1);
-	length = *ch;
+	chend = ch + nbytes;
+	length = *(unsigned char *)ch;
 	for (i = 0; i < rep.nPaths; i++) {
 		if (ch + length < chend) {
 		flist[i] = ch+1;  /* skip over length */
 		ch += length + 1; /* find next length ... */
-		length = *ch;
+		length = *(unsigned char *)ch;
 		*ch = '\0'; /* and replace with null-termination */
 		count++;
+		} else if (i == 0) {
+		Xfree(flist);
+		Xfree(ch);
+		flist = NULL;
+		break;
 		} else
 		flist[i] = NULL;
 	}
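Review bot: The guard `if (ch + length < chend)` forms a pointer that can lie well past the end of the reply buffer, since `length` is now an unsigned byte taken from server data (up to 255) and `ch` may already equal `chend`. Computing a pointer more than one past the end of an object is undefined behaviour in C, so the comparison is not guaranteed to behave as written under optimisation. Comparing lengths instead avoids this: `if (length < chend - ch) {`. This assumes `length` is a signed integer type, which is declared outside the hunk. The same guard appears unchanged in the FontNames.c and ListExt.c hunks.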

Index: xsrc/external/mit/libX11/dist/src/LiHosts.c
diff -u xsrc/external/mit/libX11/dist/src/LiHosts.c:1.1.1.5 xsrc/external/mit/libX11/dist/src/LiHosts.c:1.1.1.5.6.1
--- xsrc/external/mit/libX11/dist/src/LiHosts.c:1.1.1.5	Thu May 30 23:04:40 2013
+++ 

CVS commit: [netbsd-7-0] xsrc/external/mit/libX11/dist/src

2018-08-29 Thread Martin Husemann
Module Name:xsrc
Committed By:   martin
Date:   Wed Aug 29 07:55:51 UTC 2018

Modified Files:
xsrc/external/mit/libX11/dist/src [netbsd-7-0]: FontNames.c GetFPath.c
LiHosts.c ListExt.c

Log Message:
Apply patch, requested by mrg in ticket #1635:

xsrc/external/mit/libX11/dist/src/FontNames.c
xsrc/external/mit/libX11/dist/src/GetFPath.c
xsrc/external/mit/libX11/dist/src/LiHosts.c
xsrc/external/mit/libX11/dist/src/ListExt.c

Apply fixes from libX11 1.6.5 for the following vulnerabilities:
Fixed off-by-one writes (CVE-2018-14599)
Validation of server response in XListHosts
Fixed out of boundary write (CVE-2018-14600)
Fixed crash on invalid reply (CVE-2018-14598)
(Backport of upstream git commits b469da1430cdcee06e31c6251b83aede072a1ff0,
 d81da209fd4d0c2c9ad0596a8078e58864479d0d,
 dbf72805fd9d7b1846fe9a11b46f3994bfc27fea,
 e83722768fd5c467ef61fa159e8c6278770b45c2 resp)


To generate a diff of this commit:
cvs rdiff -u -r1.3.4.1 -r1.3.4.2 \
xsrc/external/mit/libX11/dist/src/FontNames.c \
xsrc/external/mit/libX11/dist/src/ListExt.c
cvs rdiff -u -r1.3 -r1.3.4.1 xsrc/external/mit/libX11/dist/src/GetFPath.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.6.1 \
xsrc/external/mit/libX11/dist/src/LiHosts.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



CVS commit: [netbsd-7-0] xsrc/external/mit

2016-10-05 Thread Manuel Bouyer
Module Name:xsrc
Committed By:   bouyer
Date:   Wed Oct  5 09:42:36 UTC 2016

Modified Files:
xsrc/external/mit/libX11/dist/src [netbsd-7-0]: FontNames.c GetImage.c
ListExt.c ModMap.c
xsrc/external/mit/libXfixes/dist/src [netbsd-7-0]: Region.c
xsrc/external/mit/libXi/dist/src [netbsd-7-0]: XGMotion.c XGetBMap.c
XGetDCtl.c XGetFCtl.c XGetKMap.c XGetMMap.c XIQueryDevice.c
XListDev.c XOpenDev.c XQueryDv.c
xsrc/external/mit/libXrandr/dist/src [netbsd-7-0]: XrrConfig.c
XrrCrtc.c XrrOutput.c XrrProvider.c XrrScreen.c
xsrc/external/mit/libXrender/dist/src [netbsd-7-0]: Filter.c Xrender.c
xsrc/external/mit/libXtst/dist/src [netbsd-7-0]: XRecord.c
xsrc/external/mit/libXv/dist/src [netbsd-7-0]: Xv.c
xsrc/external/mit/libXvMC/dist/src [netbsd-7-0]: XvMC.c

Log Message:
Apply patch, requested by mrg in ticket 1262:
xsrc/external/mit/libX11/dist/src/FontNames.c   patch
xsrc/external/mit/libX11/dist/src/GetImage.cpatch
xsrc/external/mit/libX11/dist/src/ListExt.c patch
xsrc/external/mit/libX11/dist/src/ModMap.c  patch
xsrc/external/mit/libXfixes/dist/src/Region.c   patch
xsrc/external/mit/libXi/dist/src/XGMotion.c patch
xsrc/external/mit/libXi/dist/src/XGetBMap.c patch
xsrc/external/mit/libXi/dist/src/XGetDCtl.c patch
xsrc/external/mit/libXi/dist/src/XGetFCtl.c patch
xsrc/external/mit/libXi/dist/src/XGetKMap.c patch
xsrc/external/mit/libXi/dist/src/XGetMMap.c patch
xsrc/external/mit/libXi/dist/src/XIQueryDevice.cpatch
xsrc/external/mit/libXi/dist/src/XListDev.c patch
xsrc/external/mit/libXi/dist/src/XOpenDev.c patch
xsrc/external/mit/libXi/dist/src/XQueryDv.c patch
xsrc/external/mit/libXrandr/dist/src/XrrConfig.cpatch
xsrc/external/mit/libXrandr/dist/src/XrrCrtc.c  patch
xsrc/external/mit/libXrandr/dist/src/XrrOutput.cpatch
xsrc/external/mit/libXrandr/dist/src/XrrProvider.c  patch
xsrc/external/mit/libXrandr/dist/src/XrrScreen.cpatch
xsrc/external/mit/libXrender/dist/src/Filter.c  patch
xsrc/external/mit/libXrender/dist/src/Xrender.c patch
xsrc/external/mit/libXtst/dist/src/XRecord.cpatch
xsrc/external/mit/libXv/dist/src/Xv.c   patch
xsrc/external/mit/libXvMC/dist/src/XvMC.c   patch

Fix (backported from upstream) the following issues in X client
libraries:
libX11 - insufficient validation of data from the X server
 can cause out of boundary memory read (XGetImage())
 or write (XListFonts()).
 Affected versions libX11 <= 1.6.3

libXfixes - insufficient validation of data from the X server
can cause an integer overflow on 32 bit architectures.
Affected versions : libXfixes <= 5.0.2

libXi - insufficient validation of data from the X server
can cause out of boundary memory access or
endless loops (Denial of Service).
Affected versions libXi <= 1.7.6

libXrandr - insufficient validation of data from the X server
can cause out of boundary memory writes.
Affected versions: libXrandr <= 1.5.0

libXrender - insufficient validation of data from the X server
can cause out of boundary memory writes.
Affected version: libXrender <= 0.9.9

XRecord - insufficient validation of data from the X server
can cause out of boundary memory access or
endless loops (Denial of Service).
 Affected version libXtst <= 1.2.2

libXv - insufficient validation of data from the X server
can cause out of boundary memory and memory corruption.
CVE-2016-5407
affected versions libXv <= 1.0.10

libXvMC - insufficient validation of data from the X server
can cause a one byte buffer read underrun.
Affected versions: libXvMC <= 1.0.9


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.3.4.1 xsrc/external/mit/libX11/dist/src/FontNames.c \
xsrc/external/mit/libX11/dist/src/ListExt.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.6.1 \
xsrc/external/mit/libX11/dist/src/GetImage.c
cvs rdiff -u -r1.4 -r1.4.4.1 xsrc/external/mit/libX11/dist/src/ModMap.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.6.1 \
xsrc/external/mit/libXfixes/dist/src/Region.c
cvs rdiff -u -r1.3 -r1.3.4.1 xsrc/external/mit/libXi/dist/src/XGMotion.c \
xsrc/external/mit/libXi/dist/src/XGetDCtl.c \
xsrc/external/mit/libXi/dist/src/XListDev.c \
xsrc/external/mit/libXi/dist/src/XQueryDv.c
cvs rdiff -u -r1.2 -r1.2.6.1 xsrc/external/mit/libXi/dist/src/XGetBMap.c
cvs rdiff -u -r1.4 -r1.4.4.1 xsrc/external/mit/libXi/dist/src/XGetFCtl.c
cvs rdiff -u -r1.1.1.4 

CVS commit: [netbsd-7-0] xsrc/external/mit

2016-10-05 Thread Manuel Bouyer
Module Name:xsrc
Committed By:   bouyer
Date:   Wed Oct  5 09:42:36 UTC 2016

Modified Files:
xsrc/external/mit/libX11/dist/src [netbsd-7-0]: FontNames.c GetImage.c
ListExt.c ModMap.c
xsrc/external/mit/libXfixes/dist/src [netbsd-7-0]: Region.c
xsrc/external/mit/libXi/dist/src [netbsd-7-0]: XGMotion.c XGetBMap.c
XGetDCtl.c XGetFCtl.c XGetKMap.c XGetMMap.c XIQueryDevice.c
XListDev.c XOpenDev.c XQueryDv.c
xsrc/external/mit/libXrandr/dist/src [netbsd-7-0]: XrrConfig.c
XrrCrtc.c XrrOutput.c XrrProvider.c XrrScreen.c
xsrc/external/mit/libXrender/dist/src [netbsd-7-0]: Filter.c Xrender.c
xsrc/external/mit/libXtst/dist/src [netbsd-7-0]: XRecord.c
xsrc/external/mit/libXv/dist/src [netbsd-7-0]: Xv.c
xsrc/external/mit/libXvMC/dist/src [netbsd-7-0]: XvMC.c

Log Message:
Apply patch, requested by mrg in ticket 1262:
xsrc/external/mit/libX11/dist/src/FontNames.c   patch
xsrc/external/mit/libX11/dist/src/GetImage.cpatch
xsrc/external/mit/libX11/dist/src/ListExt.c patch
xsrc/external/mit/libX11/dist/src/ModMap.c  patch
xsrc/external/mit/libXfixes/dist/src/Region.c   patch
xsrc/external/mit/libXi/dist/src/XGMotion.c patch
xsrc/external/mit/libXi/dist/src/XGetBMap.c patch
xsrc/external/mit/libXi/dist/src/XGetDCtl.c patch
xsrc/external/mit/libXi/dist/src/XGetFCtl.c patch
xsrc/external/mit/libXi/dist/src/XGetKMap.c patch
xsrc/external/mit/libXi/dist/src/XGetMMap.c patch
xsrc/external/mit/libXi/dist/src/XIQueryDevice.cpatch
xsrc/external/mit/libXi/dist/src/XListDev.c patch
xsrc/external/mit/libXi/dist/src/XOpenDev.c patch
xsrc/external/mit/libXi/dist/src/XQueryDv.c patch
xsrc/external/mit/libXrandr/dist/src/XrrConfig.cpatch
xsrc/external/mit/libXrandr/dist/src/XrrCrtc.c  patch
xsrc/external/mit/libXrandr/dist/src/XrrOutput.cpatch
xsrc/external/mit/libXrandr/dist/src/XrrProvider.c  patch
xsrc/external/mit/libXrandr/dist/src/XrrScreen.cpatch
xsrc/external/mit/libXrender/dist/src/Filter.c  patch
xsrc/external/mit/libXrender/dist/src/Xrender.c patch
xsrc/external/mit/libXtst/dist/src/XRecord.cpatch
xsrc/external/mit/libXv/dist/src/Xv.c   patch
xsrc/external/mit/libXvMC/dist/src/XvMC.c   patch

Fix (backported from upstream) the following issues in X client
libraries:
libX11 - insufficient validation of data from the X server
 can cause out of boundary memory read (XGetImage())
 or write (XListFonts()).
 Affected versions libX11 <= 1.6.3

libXfixes - insufficient validation of data from the X server
can cause an integer overflow on 32 bit architectures.
Affected versions : libXfixes <= 5.0.2

libXi - insufficient validation of data from the X server
can cause out of boundary memory access or
endless loops (Denial of Service).
Affected versions libXi <= 1.7.6

libXrandr - insufficient validation of data from the X server
can cause out of boundary memory writes.
Affected versions: libXrandr <= 1.5.0

libXrender - insufficient validation of data from the X server
can cause out of boundary memory writes.
Affected version: libXrender <= 0.9.9

XRecord - insufficient validation of data from the X server
can cause out of boundary memory access or
endless loops (Denial of Service).
 Affected version libXtst <= 1.2.2

libXv - insufficient validation of data from the X server
can cause out of boundary memory and memory corruption.
CVE-2016-5407
affected versions libXv <= 1.0.10

libXvMC - insufficient validation of data from the X server
can cause a one byte buffer read underrun.
Affected versions: libXvMC <= 1.0.9


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.3.4.1 xsrc/external/mit/libX11/dist/src/FontNames.c \
xsrc/external/mit/libX11/dist/src/ListExt.c
cvs rdiff -u -r1.1.1.5 -r1.1.1.5.6.1 \
xsrc/external/mit/libX11/dist/src/GetImage.c
cvs rdiff -u -r1.4 -r1.4.4.1 xsrc/external/mit/libX11/dist/src/ModMap.c
cvs rdiff -u -r1.1.1.3 -r1.1.1.3.6.1 \
xsrc/external/mit/libXfixes/dist/src/Region.c
cvs rdiff -u -r1.3 -r1.3.4.1 xsrc/external/mit/libXi/dist/src/XGMotion.c \
xsrc/external/mit/libXi/dist/src/XGetDCtl.c \
xsrc/external/mit/libXi/dist/src/XListDev.c \
xsrc/external/mit/libXi/dist/src/XQueryDv.c
cvs rdiff -u -r1.2 -r1.2.6.1 xsrc/external/mit/libXi/dist/src/XGetBMap.c
cvs rdiff -u -r1.4 -r1.4.4.1 xsrc/external/mit/libXi/dist/src/XGetFCtl.c
cvs rdiff -u -r1.1.1.4