Hello community, here is the log from the commit of package libXxf86vm for openSUSE:Factory checked in at 2013-06-05 12:01:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libXxf86vm (Old) and /work/SRC/openSUSE:Factory/.libXxf86vm.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libXxf86vm" Changes: -------- --- /work/SRC/openSUSE:Factory/libXxf86vm/libXxf86vm.changes 2013-03-22 12:00:49.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libXxf86vm.new/libXxf86vm.changes 2013-06-05 12:01:29.000000000 +0200 @@ -1,0 +2,8 @@ +Sat Jun 1 20:07:42 UTC 2013 - [email protected] + +- Update to version 1.1.3: + This release provides the fixes for the recently announced security issue + CVE-2013-2001 along with a number of other fixes to the error handling + code found while investigating that issue. + +------------------------------------------------------------------- Old: ---- libXxf86vm-1.1.2.tar.bz2 New: ---- libXxf86vm-1.1.3.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libXxf86vm.spec ++++++ --- /var/tmp/diff_new_pack.owLTE6/_old 2013-06-05 12:01:30.000000000 +0200 +++ /var/tmp/diff_new_pack.owLTE6/_new 2013-06-05 12:01:30.000000000 +0200 @@ -18,7 +18,7 @@ Name: libXxf86vm %define lname libXxf86vm1 -Version: 1.1.2 +Version: 1.1.3 Release: 0 Summary: XFree86-VidMode X extension library License: MIT ++++++ libXxf86vm-1.1.2.tar.bz2 -> libXxf86vm-1.1.3.tar.bz2 ++++++ ++++ 13320 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXxf86vm-1.1.2/ChangeLog new/libXxf86vm-1.1.3/ChangeLog --- old/libXxf86vm-1.1.2/ChangeLog 2012-03-08 06:41:22.000000000 +0100 +++ new/libXxf86vm-1.1.3/ChangeLog 2013-05-31 03:43:54.000000000 +0200 @@ -1,3 +1,132 @@ +commit 4ca5d221d35ed6981247caa5d5069f083e83b7fb +Author: Alan Coopersmith <[email protected]> +Date: Thu May 30 18:43:11 2013 -0700 + + libXxf86vm 1.1.3 + + Signed-off-by: Alan Coopersmith <[email protected]> + +commit 4c4123441e40da97acd10f58911193ad3dcef5cd +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 14:43:48 2013 -0700 + + avoid integer overflow in XF86VidModeGetModeLine() + + rep.privsize is a CARD32 and needs to be bounds checked before multiplying + by sizeof(INT32) to come up with the total size to allocate & read to avoid + integer overflow, though it would not result in buffer overflow as the same + calculation was used for both allocation & reading from the network. + + Signed-off-by: Alan Coopersmith <[email protected]> + +commit 47bb28ac0e6e49d3b6eb90c7c215f2fcf54f1a95 +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 14:33:32 2013 -0700 + + memory corruption in XF86VidModeGetGammaRamp() [CVE-2013-2001] + + We trusted the server not to return more data than the client said it had + allocated room for, and would overflow the provided buffers if it did. + + Reported-by: Ilja Van Sprundel <[email protected]> + Signed-off-by: Alan Coopersmith <[email protected]> + +commit 284a88e21fc05a63466115b33efa411c60d988c9 +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 14:24:12 2013 -0700 + + Use _XEatDataWords to avoid overflow of length calculations + + Signed-off-by: Alan Coopersmith <[email protected]> + +commit d0355b28dd53fba6fb29c350e090ed4a73d4c480 +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 17:58:28 2013 -0700 + + Unlock display before returning alloc error in XF86VidModeGetDotClocks() + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Peter Hutterer <[email protected]> + +commit 6c82906f25abcb0f8ec92bcdaf1872bd8b63ca5d +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 17:54:45 2013 -0700 + + Unlock display before returning alloc error in XF86VidModeGetAllModeLines() + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Peter Hutterer <[email protected]> + +commit 8ed00bd0a7c44c7fece687e2566d920ea74ef809 +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 17:52:12 2013 -0700 + + Unlock display before returning alloc error in XF86VidModeGetModeLine() + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Peter Hutterer <[email protected]> + +commit a89b1ad3377bfef9bab52f15f98b00f6540d531a +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 17:40:24 2013 -0700 + + Improve error handling in XF86VidModeGetMonitor() + + Ensure that when we return an error we unlock the display first, and + NULL out any pointers we freed in error cleanup. + + Instead of adding these fixes to every error check, instead combine + the error handling cleanup into a single copy. + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Peter Hutterer <[email protected]> + +commit ef95f1c3737d9efc7d97fb1784f80ef3540a846b +Author: Alan Coopersmith <[email protected]> +Date: Sat Apr 13 15:13:06 2013 -0700 + + When Xcalloc() returns NULL, you don't need to Xfree() it + + I have no words to explain how this ever happened. + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Peter Hutterer <[email protected]> + +commit 6772336755c6eb5b46c471dd5ae2ac89101ed179 +Author: Alan Coopersmith <[email protected]> +Date: Fri Jan 18 23:15:31 2013 -0800 + + Replace deprecated Automake INCLUDES variable with AM_CPPFLAGS + + Excerpt https://lists.gnu.org/archive/html/automake/2012-12/msg00038.html + + - Support for the long-deprecated INCLUDES variable will be removed + altogether in Automake 1.14. The AM_CPPFLAGS variable should be + used instead. + + This variable was deprecated in Automake releases prior to 1.10, which is + the current minimum level required to build X. + + Signed-off-by: Alan Coopersmith <[email protected]> + +commit 9f56d200d3675fe3e178001112c563d548376b7a +Author: Colin Walters <[email protected]> +Date: Tue Jan 15 14:39:40 2013 -0500 + + autogen.sh: Honor NOCONFIGURE environment variable + + http://people.gnome.org/~walters/docs/build-api.txt + + Signed-off-by: Adam Jackson <[email protected]> + +commit 6528ae139506212644dc68a0696580c848e3f8de +Author: Adam Jackson <[email protected]> +Date: Tue Jan 15 14:28:48 2013 -0500 + + configure: Remove AM_MAINTAINER_MODE + + Signed-off-by: Adam Jackson <[email protected]> + commit a0bd361fe688590b7d62ffb3ad1c1648a22096d4 Author: Alan Coopersmith <[email protected]> Date: Wed Mar 7 21:39:46 2012 -0800 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXxf86vm-1.1.2/configure.ac new/libXxf86vm-1.1.3/configure.ac --- old/libXxf86vm-1.1.2/configure.ac 2012-03-08 06:39:59.000000000 +0100 +++ new/libXxf86vm-1.1.3/configure.ac 2013-05-31 03:43:20.000000000 +0200 @@ -1,14 +1,13 @@ # Initialize Autoconf AC_PREREQ([2.60]) -AC_INIT([libXxf86vm], [1.1.2], +AC_INIT([libXxf86vm], [1.1.3], [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXxf86vm]) AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_HEADERS(src/config.h) # Initialize Automake AM_INIT_AUTOMAKE([foreign dist-bzip2]) -AM_MAINTAINER_MODE # Initialize libtool AC_PROG_LIBTOOL @@ -23,6 +22,12 @@ # Obtain compiler/linker options for depedencies PKG_CHECK_MODULES(XXF86VM, xproto x11 xextproto xext [xf86vidmodeproto >= 2.2.99.1]) +# Check for _XEatDataWords function that may be patched into older Xlib release +SAVE_LIBS="$LIBS" +LIBS="$XXF86VM_LIBS" +AC_CHECK_FUNCS([_XEatDataWords]) +LIBS="$SAVE_LIBS" + AC_CONFIG_FILES([Makefile src/Makefile man/Makefile diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXxf86vm-1.1.2/missing new/libXxf86vm-1.1.3/missing --- old/libXxf86vm-1.1.2/missing 2012-03-08 06:40:09.000000000 +0100 +++ new/libXxf86vm-1.1.3/missing 2013-05-31 03:43:35.000000000 +0200 @@ -1,11 +1,10 @@ #! /bin/sh -# Common stub for a few missing GNU programs while installing. +# Common wrapper for a few potentially missing GNU programs. -scriptversion=2009-04-28.21; # UTC +scriptversion=2012-06-26.16; # UTC -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006, -# 2008, 2009 Free Software Foundation, Inc. -# Originally by Fran,cois Pinard <[email protected]>, 1996. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. +# Originally written by Fran,cois Pinard <[email protected]>, 1996. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -26,69 +25,40 @@ # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "Try '$0 --help' for more information" exit 1 fi -run=: -sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p' -sed_minuso='s/.* -o \([^ ]*\).*/\1/p' - -# In the cases where this matters, `missing' is being run in the -# srcdir already. -if test -f configure.ac; then - configure_ac=configure.ac -else - configure_ac=configure.in -fi +case $1 in -msg="missing on your system" + --is-lightweight) + # Used by our autoconf macros to check whether the available missing + # script is modern enough. + exit 0 + ;; -case $1 in ---run) - # Try to run requested program, and just exit if it succeeds. - run= - shift - "$@" && exit 0 - # Exit code 63 means version mismatch. This often happens - # when the user try to use an ancient version of a tool on - # a file that requires a minimum version. In this case we - # we should proceed has if the program had been absent, or - # if --run hadn't been passed. - if test $? = 63; then - run=: - msg="probably too old" - fi - ;; + --run) + # Back-compat with the calling convention used by older automake. + shift + ;; -h|--h|--he|--hel|--help) echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... -Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an -error status if there is no known handling for PROGRAM. +Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due +to PROGRAM being missing or too old. Options: -h, --help display this help and exit -v, --version output version information and exit - --run try to run the given command, and emulate it if it fails Supported PROGRAM values: - aclocal touch file \`aclocal.m4' - autoconf touch file \`configure' - autoheader touch file \`config.h.in' - autom4te touch the output file, or create a stub one - automake touch all \`Makefile.in' files - bison create \`y.tab.[ch]', if possible, from existing .[ch] - flex create \`lex.yy.c', if possible, from existing .c - help2man touch the output file - lex create \`lex.yy.c', if possible, from existing .c - makeinfo touch the output file - tar try tar, gnutar, gtar, then tar without non-portable flags - yacc create \`y.tab.[ch]', if possible, from existing .[ch] + aclocal autoconf autoheader autom4te automake makeinfo + bison yacc flex lex help2man -Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and -\`g' are ignored when checking the name. +Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and +'g' are ignored when checking the name. Send bug reports to <[email protected]>." exit $? @@ -100,272 +70,141 @@ ;; -*) - echo 1>&2 "$0: Unknown \`$1' option" - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "$0: unknown '$1' option" + echo 1>&2 "Try '$0 --help' for more information" exit 1 ;; esac -# normalize program name to check for. -program=`echo "$1" | sed ' - s/^gnu-//; t - s/^gnu//; t - s/^g//; t'` - -# Now exit if we have it, but it failed. Also exit now if we -# don't have it and --version was passed (most likely to detect -# the program). This is about non-GNU programs, so use $1 not -# $program. -case $1 in - lex*|yacc*) - # Not GNU programs, they don't have --version. - ;; - - tar*) - if test -n "$run"; then - echo 1>&2 "ERROR: \`tar' requires --run" - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - exit 1 - fi - ;; +# Run the given program, remember its exit status. +"$@"; st=$? - *) - if test -z "$run" && ($1 --version) > /dev/null 2>&1; then - # We have it, but it failed. - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - # Could not run --version or --help. This is probably someone - # running `$TOOL --version' or `$TOOL --help' to check whether - # $TOOL exists and not knowing $TOOL uses missing. - exit 1 - fi - ;; -esac - -# If it does not exist, or fails to run (possibly an outdated version), -# try to emulate it. -case $program in - aclocal*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acinclude.m4' or \`${configure_ac}'. You might want - to install the \`Automake' and \`Perl' packages. Grab them from - any GNU archive site." - touch aclocal.m4 - ;; - - autoconf*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`${configure_ac}'. You might want to install the - \`Autoconf' and \`GNU m4' packages. Grab them from any GNU - archive site." - touch configure - ;; - - autoheader*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acconfig.h' or \`${configure_ac}'. You might want - to install the \`Autoconf' and \`GNU m4' packages. Grab them - from any GNU archive site." - files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` - test -z "$files" && files="config.h" - touch_files= - for f in $files; do - case $f in - *:*) touch_files="$touch_files "`echo "$f" | - sed -e 's/^[^:]*://' -e 's/:.*//'`;; - *) touch_files="$touch_files $f.in";; - esac - done - touch $touch_files - ;; - - automake*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. - You might want to install the \`Automake' and \`Perl' packages. - Grab them from any GNU archive site." - find . -type f -name Makefile.am -print | - sed 's/\.am$/.in/' | - while read f; do touch "$f"; done - ;; +# If it succeeded, we are done. +test $st -eq 0 && exit 0 - autom4te*) - echo 1>&2 "\ -WARNING: \`$1' is needed, but is $msg. - You might have modified some files without having the - proper tools for further handling them. - You can get \`$1' as part of \`Autoconf' from any GNU - archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo "#! /bin/sh" - echo "# Created by GNU Automake missing as a replacement of" - echo "# $ $@" - echo "exit 0" - chmod +x $file - exit 1 - fi - ;; - - bison*|yacc*) - echo 1>&2 "\ -WARNING: \`$1' $msg. You should only need it if - you modified a \`.y' file. You may need the \`Bison' package - in order for those modifications to take effect. You can get - \`Bison' from any GNU archive site." - rm -f y.tab.c y.tab.h - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.y) - SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.c - fi - SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.h - fi - ;; - esac - fi - if test ! -f y.tab.h; then - echo >y.tab.h - fi - if test ! -f y.tab.c; then - echo 'main() { return 0; }' >y.tab.c - fi - ;; - - lex*|flex*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.l' file. You may need the \`Flex' package - in order for those modifications to take effect. You can get - \`Flex' from any GNU archive site." - rm -f lex.yy.c - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.l) - SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" lex.yy.c - fi - ;; - esac - fi - if test ! -f lex.yy.c; then - echo 'main() { return 0; }' >lex.yy.c - fi - ;; - - help2man*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a dependency of a manual page. You may need the - \`Help2man' package in order for those modifications to take - effect. You can get \`Help2man' from any GNU archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo ".ab help2man is required to generate this page" - exit $? - fi - ;; - - makeinfo*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.texi' or \`.texinfo' file, or any other file - indirectly affecting the aspect of the manual. The spurious - call might also be the consequence of using a buggy \`make' (AIX, - DU, IRIX). You might want to install the \`Texinfo' package or - the \`GNU make' package. Grab either from any GNU archive site." - # The file to touch is that specified with -o ... - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -z "$file"; then - # ... or it is the one specified with @setfilename ... - infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` - file=`sed -n ' - /^@setfilename/{ - s/.* \([^ ]*\) *$/\1/ - p - q - }' $infile` - # ... or it is derived from the source name (dir/f.texi becomes f.info) - test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info - fi - # If the file does not exist, the user really needs makeinfo; - # let's fail without touching anything. - test -f $file || exit 1 - touch $file - ;; - - tar*) - shift - - # We have already tried tar in the generic part. - # Look for gnutar/gtar before invocation to avoid ugly error - # messages. - if (gnutar --version > /dev/null 2>&1); then - gnutar "$@" && exit 0 - fi - if (gtar --version > /dev/null 2>&1); then - gtar "$@" && exit 0 - fi - firstarg="$1" - if shift; then - case $firstarg in - *o*) - firstarg=`echo "$firstarg" | sed s/o//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - case $firstarg in - *h*) - firstarg=`echo "$firstarg" | sed s/h//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - fi - - echo 1>&2 "\ -WARNING: I can't seem to be able to run \`tar' with the given arguments. - You may want to install GNU tar or Free paxutils, or check the - command line arguments." - exit 1 - ;; - - *) - echo 1>&2 "\ -WARNING: \`$1' is needed, and is $msg. - You might have modified some files without having the - proper tools for further handling them. Check the \`README' file, - it often tells you about the needed prerequisites for installing - this package. You may also peek at any GNU archive site, in case - some other package would contain this missing \`$1' program." - exit 1 - ;; -esac +# Also exit now if we it failed (or wasn't found), and '--version' was +# passed; such an option is passed most likely to detect whether the +# program is present and works. +case $2 in --version|--help) exit $st;; esac + +# Exit code 63 means version mismatch. This often happens when the user +# tries to use an ancient version of a tool on a file that requires a +# minimum version. +if test $st -eq 63; then + msg="probably too old" +elif test $st -eq 127; then + # Program was missing. + msg="missing on your system" +else + # Program was found and executed, but failed. Give up. + exit $st +fi -exit 0 +perl_URL=http://www.perl.org/ +flex_URL=http://flex.sourceforge.net/ +gnu_software_URL=http://www.gnu.org/software + +program_details () +{ + case $1 in + aclocal|automake) + echo "The '$1' program is part of the GNU Automake package:" + echo "<$gnu_software_URL/automake>" + echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/autoconf>" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + autoconf|autom4te|autoheader) + echo "The '$1' program is part of the GNU Autoconf package:" + echo "<$gnu_software_URL/autoconf/>" + echo "It also requires GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + esac +} + +give_advice () +{ + # Normalize program name to check for. + normalized_program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + + printf '%s\n' "'$1' is $msg." + + configure_deps="'configure.ac' or m4 files included by 'configure.ac'" + case $normalized_program in + autoconf*) + echo "You should only need it if you modified 'configure.ac'," + echo "or m4 files included by it." + program_details 'autoconf' + ;; + autoheader*) + echo "You should only need it if you modified 'acconfig.h' or" + echo "$configure_deps." + program_details 'autoheader' + ;; + automake*) + echo "You should only need it if you modified 'Makefile.am' or" + echo "$configure_deps." + program_details 'automake' + ;; + aclocal*) + echo "You should only need it if you modified 'acinclude.m4' or" + echo "$configure_deps." + program_details 'aclocal' + ;; + autom4te*) + echo "You might have modified some maintainer files that require" + echo "the 'automa4te' program to be rebuilt." + program_details 'autom4te' + ;; + bison*|yacc*) + echo "You should only need it if you modified a '.y' file." + echo "You may want to install the GNU Bison package:" + echo "<$gnu_software_URL/bison/>" + ;; + lex*|flex*) + echo "You should only need it if you modified a '.l' file." + echo "You may want to install the Fast Lexical Analyzer package:" + echo "<$flex_URL>" + ;; + help2man*) + echo "You should only need it if you modified a dependency" \ + "of a man page." + echo "You may want to install the GNU Help2man package:" + echo "<$gnu_software_URL/help2man/>" + ;; + makeinfo*) + echo "You should only need it if you modified a '.texi' file, or" + echo "any other file indirectly affecting the aspect of the manual." + echo "You might want to install the Texinfo package:" + echo "<$gnu_software_URL/texinfo/>" + echo "The spurious makeinfo call might also be the consequence of" + echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" + echo "want to install GNU make:" + echo "<$gnu_software_URL/make/>" + ;; + *) + echo "You might have modified some files without having the proper" + echo "tools for further handling them. Check the 'README' file, it" + echo "often tells you about the needed prerequisites for installing" + echo "this package. You may also peek at any GNU archive site, in" + echo "case some other package contains this missing '$1' program." + ;; + esac +} + +give_advice "$1" | sed -e '1s/^/WARNING: /' \ + -e '2,$s/^/ /' >&2 + +# Propagate the correct exit status (expected to be 127 for a program +# not found, 63 for a program that failed due to version mismatch). +exit $st # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXxf86vm-1.1.2/src/Makefile.am new/libXxf86vm-1.1.3/src/Makefile.am --- old/libXxf86vm-1.1.2/src/Makefile.am 2012-03-08 06:39:59.000000000 +0100 +++ new/libXxf86vm-1.1.3/src/Makefile.am 2013-05-31 03:43:20.000000000 +0200 @@ -3,10 +3,10 @@ libXxf86vm_la_SOURCES = XF86VMode.c AM_CFLAGS = $(XXF86VM_CFLAGS) $(MALLOC_ZERO_CFLAGS) +AM_CPPFLAGS = -I$(top_srcdir)/include + libXxf86vm_la_LIBADD = $(XXF86VM_LIBS) libXxf86vm_la_LDFLAGS = -version-number 1:0:0 -INCLUDES = -I$(top_srcdir)/include - libXxf86vmincludedir = $(includedir)/X11/extensions libXxf86vminclude_HEADERS = $(top_srcdir)/include/X11/extensions/xf86vmode.h diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXxf86vm-1.1.2/src/XF86VMode.c new/libXxf86vm-1.1.3/src/XF86VMode.c --- old/libXxf86vm-1.1.2/src/XF86VMode.c 2012-03-08 06:39:59.000000000 +0100 +++ new/libXxf86vm-1.1.3/src/XF86VMode.c 2013-05-31 03:43:20.000000000 +0200 @@ -30,11 +30,27 @@ /* THIS IS NOT AN X CONSORTIUM STANDARD */ +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + #include <X11/Xlibint.h> #include <X11/extensions/xf86vmproto.h> #include <X11/extensions/xf86vmode.h> #include <X11/extensions/Xext.h> #include <X11/extensions/extutil.h> +#include <limits.h> + +#ifndef HAVE__XEATDATAWORDS +static inline void _XEatDataWords(Display *dpy, unsigned long n) +{ +# ifndef LONG64 + if (n >= (ULONG_MAX >> 2)) + _XIOError(dpy); +# endif + _XEatData (dpy, n << 2); +} +#endif #ifdef DEBUG #include <stdio.h> @@ -203,6 +219,7 @@ xXF86OldVidModeGetModeLineReply oldrep; xXF86VidModeGetModeLineReq *req; int majorVersion, minorVersion; + Bool result = True; XF86VidModeCheckExtension (dpy, info, False); XF86VidModeQueryVersion(dpy, &majorVersion, &minorVersion); @@ -254,18 +271,22 @@ } if (modeline->privsize > 0) { - if (!(modeline->private = Xcalloc(modeline->privsize, sizeof(INT32)))) { - _XEatData(dpy, (modeline->privsize) * sizeof(INT32)); - Xfree(modeline->private); - return False; - } - _XRead(dpy, (char*)modeline->private, modeline->privsize * sizeof(INT32)); + if (modeline->privsize < (INT_MAX / sizeof(INT32))) + modeline->private = Xcalloc(modeline->privsize, sizeof(INT32)); + else + modeline->private = NULL; + if (modeline->private == NULL) { + _XEatDataWords(dpy, rep.length - + ((SIZEOF(xXF86VidModeGetModeLineReply) - SIZEOF(xReply)) >> 2)); + result = False; + } else + _XRead(dpy, (char*)modeline->private, modeline->privsize * sizeof(INT32)); } else { modeline->private = NULL; } UnlockDisplay(dpy); SyncHandle(); - return True; + return result; } Bool @@ -317,11 +338,10 @@ if (!(modelines = (XF86VidModeModeInfo **) Xcalloc(rep.modecount, sizeof(XF86VidModeModeInfo *) +sizeof(XF86VidModeModeInfo)))) { - if (majorVersion < 2) - _XEatData(dpy, (rep.modecount) * sizeof(xXF86OldVidModeModeInfo)); - else - _XEatData(dpy, (rep.modecount) * sizeof(xXF86VidModeModeInfo)); - Xfree(modelines); + _XEatDataWords(dpy, rep.length - + ((SIZEOF(xXF86VidModeGetAllModeLinesReply) - SIZEOF(xReply)) >> 2)); + UnlockDisplay(dpy); + SyncHandle(); return False; } mdinfptr = (XF86VidModeModeInfo *) ( @@ -352,8 +372,7 @@ if (oldxmdline.privsize > 0) { if (!(modelines[i]->private = Xcalloc(oldxmdline.privsize, sizeof(INT32)))) { - _XEatData(dpy, (oldxmdline.privsize) * sizeof(INT32)); - Xfree(modelines[i]->private); + _XEatDataWords(dpy, oldxmdline.privsize); } else { _XRead(dpy, (char*)modelines[i]->private, oldxmdline.privsize * sizeof(INT32)); @@ -383,8 +402,7 @@ if (xmdline.privsize > 0) { if (!(modelines[i]->private = Xcalloc(xmdline.privsize, sizeof(INT32)))) { - _XEatData(dpy, (xmdline.privsize) * sizeof(INT32)); - Xfree(modelines[i]->private); + _XEatDataWords(dpy, xmdline.privsize); } else { _XRead(dpy, (char*)modelines[i]->private, xmdline.privsize * sizeof(INT32)); @@ -860,6 +878,7 @@ xXF86VidModeGetMonitorReq *req; CARD32 syncrange; int i; + Bool result = True; XF86VidModeCheckExtension (dpy, info, False); @@ -879,63 +898,57 @@ monitor->bandwidth = (float)rep.bandwidth / 1e6; #endif if (rep.vendorLength) { - if (!(monitor->vendor = (char *)Xcalloc(rep.vendorLength + 1, 1))) { - _XEatData(dpy, (rep.nhsync + rep.nvsync) * 4 + - ((rep.vendorLength+3) & ~3) + ((rep.modelLength+3) & ~3)); - return False; - } + monitor->vendor = Xcalloc(rep.vendorLength + 1, 1); + if (monitor->vendor == NULL) + result = False; } else { monitor->vendor = NULL; } - if (rep.modelLength) { - if (!(monitor->model = Xcalloc(rep.modelLength + 1, 1))) { - _XEatData(dpy, (rep.nhsync + rep.nvsync) * 4 + - ((rep.vendorLength+3) & ~3) + ((rep.modelLength+3) & ~3)); - if (monitor->vendor) - Xfree(monitor->vendor); - return False; - } + if (result && rep.modelLength) { + monitor->model = Xcalloc(rep.modelLength + 1, 1); + if (monitor->model == NULL) + result = False; } else { monitor->model = NULL; } - if (!(monitor->hsync = Xcalloc(rep.nhsync, sizeof(XF86VidModeSyncRange)))) { - _XEatData(dpy, (rep.nhsync + rep.nvsync) * 4 + - ((rep.vendorLength+3) & ~3) + ((rep.modelLength+3) & ~3)); - - if (monitor->vendor) - Xfree(monitor->vendor); - if (monitor->model) - Xfree(monitor->model); - return False; + if (result) { + monitor->hsync = Xcalloc(rep.nhsync, sizeof(XF86VidModeSyncRange)); + monitor->vsync = Xcalloc(rep.nvsync, sizeof(XF86VidModeSyncRange)); + if ((monitor->hsync == NULL) || (monitor->vsync == NULL)) + result = False; + } else { + monitor->hsync = monitor->vsync = NULL; } - if (!(monitor->vsync = Xcalloc(rep.nvsync, sizeof(XF86VidModeSyncRange)))) { - _XEatData(dpy, (rep.nhsync + rep.nvsync) * 4 + - ((rep.vendorLength+3) & ~3) + ((rep.modelLength+3) & ~3)); - if (monitor->vendor) - Xfree(monitor->vendor); - if (monitor->model) - Xfree(monitor->model); + if (result == False) { + _XEatDataWords(dpy, rep.length); + Xfree(monitor->vendor); + monitor->vendor = NULL; + Xfree(monitor->model); + monitor->model = NULL; Xfree(monitor->hsync); - return False; + monitor->hsync = NULL; + Xfree(monitor->vsync); + monitor->vsync = NULL; + } + else { + for (i = 0; i < rep.nhsync; i++) { + _XRead(dpy, (char *)&syncrange, 4); + monitor->hsync[i].lo = (float)(syncrange & 0xFFFF) / 100.0; + monitor->hsync[i].hi = (float)(syncrange >> 16) / 100.0; + } + for (i = 0; i < rep.nvsync; i++) { + _XRead(dpy, (char *)&syncrange, 4); + monitor->vsync[i].lo = (float)(syncrange & 0xFFFF) / 100.0; + monitor->vsync[i].hi = (float)(syncrange >> 16) / 100.0; + } + if (rep.vendorLength) + _XReadPad(dpy, monitor->vendor, rep.vendorLength); + if (rep.modelLength) + _XReadPad(dpy, monitor->model, rep.modelLength); } - for (i = 0; i < rep.nhsync; i++) { - _XRead(dpy, (char *)&syncrange, 4); - monitor->hsync[i].lo = (float)(syncrange & 0xFFFF) / 100.0; - monitor->hsync[i].hi = (float)(syncrange >> 16) / 100.0; - } - for (i = 0; i < rep.nvsync; i++) { - _XRead(dpy, (char *)&syncrange, 4); - monitor->vsync[i].lo = (float)(syncrange & 0xFFFF) / 100.0; - monitor->vsync[i].hi = (float)(syncrange >> 16) / 100.0; - } - if (rep.vendorLength) - _XReadPad(dpy, monitor->vendor, rep.vendorLength); - if (rep.modelLength) - _XReadPad(dpy, monitor->model, rep.modelLength); - UnlockDisplay(dpy); SyncHandle(); - return True; + return result; } Bool @@ -1018,6 +1031,7 @@ xXF86VidModeGetDotClocksReq *req; int i, *dotclocks; CARD32 dotclk; + Bool result = True; XF86VidModeCheckExtension (dpy, info, False); @@ -1037,20 +1051,22 @@ *maxclocksPtr = rep.maxclocks; *flagsPtr = rep.flags; - if (!(dotclocks = (int*) Xcalloc(rep.clocks, sizeof(int)))) { - _XEatData(dpy, (rep.clocks) * 4); - Xfree(dotclocks); - return False; - } - - for (i = 0; i < rep.clocks; i++) { - _XRead(dpy, (char*)&dotclk, 4); - dotclocks[i] = dotclk; + dotclocks = Xcalloc(rep.clocks, sizeof(int)); + if (dotclocks == NULL) { + _XEatDataWords(dpy, rep.length - + ((SIZEOF(xXF86VidModeGetDotClocksReply) - SIZEOF(xReply)) >> 2)); + result = False; + } + else { + for (i = 0; i < rep.clocks; i++) { + _XRead(dpy, (char*)&dotclk, 4); + dotclocks[i] = dotclk; + } } *clocksPtr = dotclocks; UnlockDisplay(dpy); SyncHandle(); - return True; + return result; } Bool @@ -1097,6 +1113,7 @@ XExtDisplayInfo *info = find_display (dpy); xXF86VidModeGetGammaRampReq *req; xXF86VidModeGetGammaRampReply rep; + Bool result = True; XF86VidModeCheckExtension (dpy, info, False); @@ -1107,19 +1124,23 @@ req->screen = screen; req->size = size; if (!_XReply (dpy, (xReply *) &rep, 0, xFalse)) { - UnlockDisplay (dpy); - SyncHandle (); - return False; + result = False; } - if(rep.size) { - _XRead(dpy, (char*)red, rep.size << 1); - _XRead(dpy, (char*)green, rep.size << 1); - _XRead(dpy, (char*)blue, rep.size << 1); + else if (rep.size) { + if (rep.size <= size) { + _XRead(dpy, (char*)red, rep.size << 1); + _XRead(dpy, (char*)green, rep.size << 1); + _XRead(dpy, (char*)blue, rep.size << 1); + } + else { + _XEatDataWords(dpy, rep.length); + result = False; + } } UnlockDisplay(dpy); SyncHandle(); - return True; + return result; } Bool XF86VidModeGetGammaRampSize( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXxf86vm-1.1.2/src/config.h.in new/libXxf86vm-1.1.3/src/config.h.in --- old/libXxf86vm-1.1.2/src/config.h.in 2012-03-08 06:40:08.000000000 +0100 +++ new/libXxf86vm-1.1.3/src/config.h.in 2013-05-31 03:43:31.000000000 +0200 @@ -30,6 +30,9 @@ /* Define to 1 if you have the <unistd.h> header file. */ #undef HAVE_UNISTD_H +/* Define to 1 if you have the `_XEatDataWords' function. */ +#undef HAVE__XEATDATAWORDS + /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #undef LT_OBJDIR -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
