Hello community, here is the log from the commit of package libXv for openSUSE:Factory checked in at 2013-06-25 09:28:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libXv (Old) and /work/SRC/openSUSE:Factory/.libXv.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libXv" Changes: -------- --- /work/SRC/openSUSE:Factory/libXv/libXv.changes 2013-06-05 11:58:10.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libXv.new/libXv.changes 2013-06-25 14:41:48.000000000 +0200 @@ -1,0 +2,10 @@ +Sun Jun 23 14:47:39 UTC 2013 - [email protected] + +- Update to version 1.0.9: + This quick fix release corrects an issue with the security fix from 1.0.8, + in which, if the size checks did determine the response from the X server + was too large to fit in the buffer it had allocated, XvQueryPortAttributes + could return a pointer to the caller that pointed to uninitialized memory + where the caller expected a nil-terminated string. + +------------------------------------------------------------------- Old: ---- libXv-1.0.8.tar.bz2 New: ---- libXv-1.0.9.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libXv.spec ++++++ --- /var/tmp/diff_new_pack.CItLYD/_old 2013-06-25 14:41:49.000000000 +0200 +++ /var/tmp/diff_new_pack.CItLYD/_new 2013-06-25 14:41:49.000000000 +0200 @@ -18,7 +18,7 @@ Name: libXv %define lname libXv1 -Version: 1.0.8 +Version: 1.0.9 Release: 0 Summary: X Video extension library License: MIT ++++++ libXv-1.0.8.tar.bz2 -> libXv-1.0.9.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/ChangeLog new/libXv-1.0.9/ChangeLog --- old/libXv-1.0.8/ChangeLog 2013-06-01 02:51:42.000000000 +0200 +++ new/libXv-1.0.9/ChangeLog 2013-06-23 04:06:41.000000000 +0200 @@ -1,3 +1,32 @@ +commit d58f74ebfd0c56ffeb8e288c65592228af197a2e +Author: Alan Coopersmith <[email protected]> +Date: Sat Jun 22 19:06:09 2013 -0700 + + libXv 1.0.9 + + Signed-off-by: Alan Coopersmith <[email protected]> + +commit 22cc0c897a28a41d49fe68277bb3c002f54bbb48 +Author: Daphne Pfister <[email protected]> +Date: Sat Jun 1 22:27:23 2013 -0400 + + Bug 65252: Ensure final name is nil-terminated & none point to uninitialized memory. + + This patch attempts to fix this bug by ensuring that there is at least one + nil byte at the end of all the name strings. This should prevent reading + past the end of the allocation as well as exposing uninitialized memory. + + Reviewed-by: Alan Coopersmith <[email protected]> + Signed-off-by: Alan Coopersmith <[email protected]> + +commit edfb6fc397686c1892603d0f86a9aadf14dbc12e +Author: Alan Coopersmith <[email protected]> +Date: Sat Jun 1 17:26:11 2013 -0700 + + XvQueryPortAttributes: add a comment explaining memory strategy + + Signed-off-by: Alan Coopersmith <[email protected]> + commit 179ed259e75a62e74532e36f52f3838deb2aac92 Author: Alan Coopersmith <[email protected]> Date: Fri May 31 17:49:24 2013 -0700 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/Makefile.in new/libXv-1.0.9/Makefile.in --- old/libXv-1.0.8/Makefile.in 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/Makefile.in 2013-06-23 04:06:22.000000000 +0200 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.2 from Makefile.am. +# Makefile.in generated by automake 1.13.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/aclocal.m4 new/libXv-1.0.9/aclocal.m4 --- old/libXv-1.0.8/aclocal.m4 2013-06-01 02:49:34.000000000 +0200 +++ new/libXv-1.0.9/aclocal.m4 2013-06-23 04:06:17.000000000 +0200 @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.13.2 -*- Autoconf -*- +# generated automatically by aclocal 1.13.4 -*- Autoconf -*- # Copyright (C) 1996-2013 Free Software Foundation, Inc. @@ -35,7 +35,7 @@ [am__api_version='1.13' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.13.2], [], +m4_if([$1], [1.13.4], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -51,7 +51,7 @@ # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.13.2])dnl +[AM_AUTOMAKE_VERSION([1.13.4])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/config.guess new/libXv-1.0.9/config.guess --- old/libXv-1.0.8/config.guess 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/config.guess 2013-06-23 04:06:22.000000000 +0200 @@ -2,7 +2,7 @@ # Attempt to guess a canonical system name. # Copyright 1992-2013 Free Software Foundation, Inc. -timestamp='2013-04-24' +timestamp='2013-06-10' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -132,6 +132,27 @@ UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown +case "${UNAME_SYSTEM}" in +Linux|GNU|GNU/*) + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + LIBC=gnu + + eval $set_cc_for_build + cat <<-EOF > $dummy.c + #include <features.h> + #if defined(__UCLIBC__) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc + #else + LIBC=gnu + #endif + EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + ;; +esac + # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in @@ -853,21 +874,21 @@ exit ;; *:GNU:*:*) # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; aarch64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; aarch64_be:Linux:*:*) UNAME_MACHINE=aarch64_be - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in @@ -880,67 +901,54 @@ EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + if test "$?" = 0 ; then LIBC="gnulibc1" ; fi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; arc:Linux:*:* | arceb:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; arm*:Linux:*:*) eval $set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} else if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_PCS_VFP then - echo ${UNAME_MACHINE}-unknown-linux-gnueabi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi else - echo ${UNAME_MACHINE}-unknown-linux-gnueabihf + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf fi fi exit ;; avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; cris:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; crisv32:Linux:*:*) - echo ${UNAME_MACHINE}-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; frv:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; hexagon:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:Linux:*:*) - LIBC=gnu - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #ifdef __dietlibc__ - LIBC=dietlibc - #endif - #else - #include <features.h> - #ifdef __UCLIBC__ - LIBC=uclibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + echo ${UNAME_MACHINE}-pc-linux-${LIBC} exit ;; ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build @@ -959,59 +967,63 @@ #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } ;; or1k:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; or32:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; padre:Linux:*:*) - echo sparc-unknown-linux-gnu + echo sparc-unknown-linux-${LIBC} exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu + echo hppa64-unknown-linux-${LIBC} exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; + PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; + PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; + *) echo hppa-unknown-linux-${LIBC} ;; esac exit ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu + echo powerpc64-unknown-linux-${LIBC} exit ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu + echo powerpc-unknown-linux-${LIBC} + exit ;; + ppc64le:Linux:*:*) + echo powerpc64le-unknown-linux-${LIBC} + exit ;; + ppcle:Linux:*:*) + echo powerpcle-unknown-linux-${LIBC} exit ;; s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux + echo ${UNAME_MACHINE}-ibm-linux-${LIBC} exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; tile*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu + echo ${UNAME_MACHINE}-dec-linux-${LIBC} exit ;; x86_64:Linux:*:*) - LIBC=gnu - test -r /lib/libc.so && od -An -S13 /lib/libc.so | grep -q __uClibc_main && LIBC=uclibc echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. @@ -1244,19 +1256,21 @@ exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - i386) - eval $set_cc_for_build - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - UNAME_PROCESSOR="x86_64" - fi - fi ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac + eval $set_cc_for_build + if test "$UNAME_PROCESSOR" = unknown ; then + UNAME_PROCESSOR=powerpc + fi + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + fi echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/configure new/libXv-1.0.9/configure --- old/libXv-1.0.8/configure 2013-06-01 02:49:37.000000000 +0200 +++ new/libXv-1.0.9/configure 2013-06-23 04:06:21.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for libXv 1.0.8. +# Generated by GNU Autoconf 2.68 for libXv 1.0.9. # # Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=xorg>. # @@ -571,8 +571,8 @@ # Identity of this package. PACKAGE_NAME='libXv' PACKAGE_TARNAME='libXv' -PACKAGE_VERSION='1.0.8' -PACKAGE_STRING='libXv 1.0.8' +PACKAGE_VERSION='1.0.9' +PACKAGE_STRING='libXv 1.0.9' PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=xorg' PACKAGE_URL='' @@ -1335,7 +1335,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libXv 1.0.8 to adapt to many kinds of systems. +\`configure' configures libXv 1.0.9 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1405,7 +1405,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libXv 1.0.8:";; + short | recursive ) echo "Configuration of libXv 1.0.9:";; esac cat <<\_ACEOF @@ -1526,7 +1526,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libXv configure 1.0.8 +libXv configure 1.0.9 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1850,7 +1850,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libXv $as_me 1.0.8, which was +It was created by libXv $as_me 1.0.9, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -2718,7 +2718,7 @@ # Define the identity of the package. PACKAGE='libXv' - VERSION='1.0.8' + VERSION='1.0.9' cat >>confdefs.h <<_ACEOF @@ -18448,7 +18448,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libXv $as_me 1.0.8, which was +This file was extended by libXv $as_me 1.0.9, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -18514,7 +18514,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libXv config.status 1.0.8 +libXv config.status 1.0.9 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/configure.ac new/libXv-1.0.9/configure.ac --- old/libXv-1.0.8/configure.ac 2013-06-01 02:49:29.000000000 +0200 +++ new/libXv-1.0.9/configure.ac 2013-06-23 04:05:54.000000000 +0200 @@ -22,7 +22,7 @@ # Initialize Autoconf AC_PREREQ([2.60]) -AC_INIT([libXv], [1.0.8], +AC_INIT([libXv], [1.0.9], [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXv]) AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_HEADERS([config.h]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/depcomp new/libXv-1.0.9/depcomp --- old/libXv-1.0.8/depcomp 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/depcomp 2013-06-23 04:06:22.000000000 +0200 @@ -1,7 +1,7 @@ #! /bin/sh # depcomp - compile a program generating dependencies as side-effects -scriptversion=2012-10-18.11; # UTC +scriptversion=2013-05-30.07; # UTC # Copyright (C) 1999-2013 Free Software Foundation, Inc. @@ -552,6 +552,7 @@ G p }' >> "$depfile" + echo >> "$depfile" # make sure the fragment doesn't end with a backslash rm -f "$tmpdepfile" ;; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/include/Makefile.in new/libXv-1.0.9/include/Makefile.in --- old/libXv-1.0.8/include/Makefile.in 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/include/Makefile.in 2013-06-23 04:06:22.000000000 +0200 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.2 from Makefile.am. +# Makefile.in generated by automake 1.13.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/include/X11/Makefile.in new/libXv-1.0.9/include/X11/Makefile.in --- old/libXv-1.0.8/include/X11/Makefile.in 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/include/X11/Makefile.in 2013-06-23 04:06:22.000000000 +0200 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.2 from Makefile.am. +# Makefile.in generated by automake 1.13.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/include/X11/extensions/Makefile.in new/libXv-1.0.9/include/X11/extensions/Makefile.in --- old/libXv-1.0.8/include/X11/extensions/Makefile.in 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/include/X11/extensions/Makefile.in 2013-06-23 04:06:22.000000000 +0200 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.2 from Makefile.am. +# Makefile.in generated by automake 1.13.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/man/Makefile.in new/libXv-1.0.9/man/Makefile.in --- old/libXv-1.0.8/man/Makefile.in 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/man/Makefile.in 2013-06-23 04:06:22.000000000 +0200 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.2 from Makefile.am. +# Makefile.in generated by automake 1.13.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/src/Makefile.in new/libXv-1.0.9/src/Makefile.in --- old/libXv-1.0.8/src/Makefile.in 2013-06-01 02:49:39.000000000 +0200 +++ new/libXv-1.0.9/src/Makefile.in 2013-06-23 04:06:22.000000000 +0200 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.2 from Makefile.am. +# Makefile.in generated by automake 1.13.4 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libXv-1.0.8/src/Xv.c new/libXv-1.0.9/src/Xv.c --- old/libXv-1.0.8/src/Xv.c 2013-06-01 02:49:29.000000000 +0200 +++ new/libXv-1.0.9/src/Xv.c 2013-06-23 04:05:29.000000000 +0200 @@ -850,12 +850,23 @@ return ret; } + /* + * X server sends data packed as: + * attribute1, name1, attribute2, name2, ... + * We allocate a single buffer large enough to hold them all and + * then de-interleave the data so we return it to clients as: + * attribute1, attribute2, ..., name1, name2, ... + * so that clients may refer to attributes as a simple array of + * structs: attributes[0], attributes[1], ... + * and free it as a single/simple buffer. + */ + if(rep.num_attributes) { unsigned long size; /* limit each part to no more than one half the max size */ if ((rep.num_attributes < ((INT_MAX / 2) / sizeof(XvAttribute))) && - (rep.text_size < (INT_MAX / 2))) { - size = (rep.num_attributes * sizeof(XvAttribute)) + rep.text_size; + (rep.text_size < (INT_MAX / 2)-1)) { + size = (rep.num_attributes * sizeof(XvAttribute)) + rep.text_size + 1; ret = Xmalloc(size); } @@ -880,6 +891,10 @@ } (*num)++; } + + /* ensure final string is nil-terminated to avoid exposure of + uninitialized memory */ + *marker = '\0'; } else _XEatDataWords(dpy, rep.length); } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
