Hello community,

here is the log from the commit of package libXfont for openSUSE:Factory checked in at 2014-01-08 20:35:45

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libXfont (Old)
 and      /work/SRC/openSUSE:Factory/.libXfont.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libXfont" Changes: -------- --- /work/SRC/openSUSE:Factory/libXfont/libXfont.changes 2013-08-19 13:29:58.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libXfont.new/libXfont.changes 2014-01-08 20:35:46.000000000 +0100 @@ -1,0 +2,8 @@ +Wed Jan 8 09:51:40 UTC 2014 - [email protected] + +- Update to version 1.4.7 + This release includes the fix for CVE-2013-6462, as well as + other security hardening and code cleanups, and makes libXfont + compatible with libXtrans 1.3 on Solaris. (bnc#854915) + +------------------------------------------------------------------- Old: ---- libXfont-1.4.6.tar.bz2 New: ---- libXfont-1.4.7.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libXfont.spec ++++++ --- /var/tmp/diff_new_pack.in6fqZ/_old 2014-01-08 20:35:47.000000000 +0100 +++ /var/tmp/diff_new_pack.in6fqZ/_new 2014-01-08 20:35:47.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package libXfont # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed 
@@ -18,7 +18,7 @@ Name: libXfont %define lname libXfont1 -Version: 1.4.6 +Version: 1.4.7 Release: 0 Summary: X font handling library for server and utilities License: MIT ++++++ libXfont-1.4.6.tar.bz2 -> libXfont-1.4.7.tar.bz2 ++++++ ++++ 4318 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/ChangeLog new/libXfont-1.4.7/ChangeLog --- old/libXfont-1.4.6/ChangeLog 2013-07-22 01:58:01.000000000 +0200 +++ new/libXfont-1.4.7/ChangeLog 2014-01-07 17:27:27.000000000 +0100 @@ -1,3 +1,129 @@ +commit 30110063857ff9a5f93f6d8d13f535c9b6e59e2a +Author: Alan Coopersmith <[email protected]> +Date: Tue Jan 7 08:22:31 2014 -0800 + + libXfont 1.4.7 + + Signed-off-by: Alan Coopersmith <[email protected]> + +commit 2a84680376bafd74609c6ef3e38befcb8467d814 +Author: Alan Coopersmith <[email protected]> +Date: Mon Dec 23 19:01:11 2013 -0800 + + Limit additional sscanf strings to fit buffer sizes + + None of these could currently result in buffer overflow, as the input + and output buffers were the same size, but adding limits helps ensure + we keep it that way, if we ever resize any of these in the future. + + Fixes cppcheck warnings: + [lib/libXfont/src/bitmap/bdfread.c:547]: (warning) + scanf without field width limits can crash with huge input data. + [lib/libXfont/src/bitmap/bdfread.c:553]: (warning) + scanf without field width limits can crash with huge input data. + [lib/libXfont/src/bitmap/bdfread.c:636]: (warning) + scanf without field width limits can crash with huge input data. + + 
Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Matthieu Herrb <[email protected]> + Reviewed-by: Jeremy Huddleston Sequoia <[email protected]> + +commit 4d024ac10f964f6bd372ae0dd14f02772a6e5f63 +Author: Alan Coopersmith <[email protected]> +Date: Mon Dec 23 18:34:02 2013 -0800 + + CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters() + + Fixes cppcheck warning: + [lib/libXfont/src/bitmap/bdfread.c:341]: (warning) + scanf without field width limits can crash with huge input data. + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Matthieu Herrb <[email protected]> + Reviewed-by: Jeremy Huddleston Sequoia <[email protected]> + +commit fdcf9a9be6a5d453659beadec5d1a1fdbab9afaf +Author: Alan Coopersmith <[email protected]> +Date: Fri Dec 27 11:01:35 2013 -0800 + + Add AC_USE_SYSTEM_EXTENSIONS to expose non-standard extensions + + Required on Solaris to expose definitions in system headers that + are not defined in the XPG standards now that xtrans 1.3 defines + _XOPEN_SOURCE to 600 on Solaris. + + Fixes build failures: + fserve.c: In function 'fs_block_handler': + fserve.c:1210:5: error: 'fd_mask' undeclared (first use in this function) + fserve.c:1210:5: note: each undeclared identifier is reported only once for each function it appears in + In file included from transport.c:67:0, + from fstrans.c:28: + Xtranssock.c: In function '_FontTransSocketINETConnect': + Xtranssock.c:1421:19: error: 'INET6_ADDRSTRLEN' undeclared (first use in this function) + Xtranssock.c:1421:19: note: each undeclared identifier is reported only once for each function it appears in + + 
Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Daniel Stone <[email protected]> + +commit 0d24378a6f08f5ab594ff552d60cf5f8f74bcb33 +Author: Alan Coopersmith <[email protected]> +Date: Sat Dec 7 20:11:29 2013 -0800 + + Don't leak old allocation if realloc fails to enlarge it + + In ftfuncs.c, since the buffer being reallocated is a function local + buffer, used to accumulate data for a single run of the function and + then freed at the end of the function, we just free the old buffer if + realloc fails. + + In atom.c however, the ReverseMap is a static buffer, so we operate in + temporary variables until we know we're successful, then update the + static variables. If we fail, we leave the old static variables in place, + since they contain data about previous atoms we should maintain, not lose. + + Reported by cppcheck: + [lib/libXfont/src/FreeType/ftfuncs.c:2122]: (error) Common realloc mistake: + 'ranges' nulled but not freed upon failure + [lib/libXfont/src/util/atom.c:126]: (error) Common realloc mistake: + 'reverseMap' nulled but not freed upon failure + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Peter Hutterer <[email protected]> + +commit 5e27c364b174497d427dcecd122d711ef6b9f630 +Author: Julien Cristau <[email protected]> +Date: Mon Aug 12 18:40:27 2013 +0200 + + Make serverGeneration unsigned + + Makes the definition match other declarations, and xserver's definition. + + Debian bug#689439 + + Reported-by: Michael Tautschnig <[email protected]> + Signed-off-by: Julien Cristau <[email protected]> + Reviewed-by: Alan Coopersmith <[email protected]> + Signed-off-by: Alan Coopersmith <[email protected]> + +commit 7d34534c050cb4366c7b14bff585c17d6d578f89 +Author: Alan Coopersmith <[email protected]> +Date: Sat Oct 26 00:06:22 2013 -0700 + + Replace malloc(strlen)+strcpy/strcat calls with strdup + + 
Signed-off-by: Alan Coopersmith <[email protected]> + +commit 8a9fc31628a98e3cdaae6078bb5d92bce06c37ac +Author: Alan Coopersmith <[email protected]> +Date: Fri Oct 25 23:56:55 2013 -0700 + + xstrdup -> strdup + + Missed in xalloc -> malloc etal conversion in 0cdc9b8f850342 + + Signed-off-by: Alan Coopersmith <[email protected]> + Reviewed-by: Jasper St. Pierre <[email protected]> + commit 8b289e10c5013cdcbf817c06bd929e3ea8339987 Author: Alan Coopersmith <[email protected]> Date: Sun Jul 21 16:53:47 2013 -0700 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/config.h.in new/libXfont-1.4.7/config.h.in --- old/libXfont-1.4.6/config.h.in 2013-07-22 01:54:10.000000000 +0200 +++ new/libXfont-1.4.7/config.h.in 2014-01-07 17:25:24.000000000 +0100 @@ -94,9 +94,6 @@ /* Patch version of this package */ #undef PACKAGE_VERSION_PATCHLEVEL -/* Define as the return type of signal handlers (`int' or `void'). */ -#undef RETSIGTYPE - /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS @@ -106,6 +103,28 @@ /* Support UNIX socket connections */ #undef UNIXCONN +/* Enable extensions on AIX 3, Interix. */ +#ifndef _ALL_SOURCE +# undef _ALL_SOURCE +#endif +/* Enable GNU extensions on systems that have them. */ +#ifndef _GNU_SOURCE +# undef _GNU_SOURCE +#endif +/* Enable threading extensions on Solaris. */ +#ifndef _POSIX_PTHREAD_SEMANTICS +# undef _POSIX_PTHREAD_SEMANTICS +#endif +/* Enable extensions on HP NonStop. */ +#ifndef _TANDEM_SOURCE +# undef _TANDEM_SOURCE +#endif +/* Enable general extensions on Solaris. */ +#ifndef __EXTENSIONS__ +# undef __EXTENSIONS__ +#endif + + /* Version number of package */ #undef VERSION 
@@ -138,3 +157,16 @@ /* Support gzip for bitmap fonts */ #undef X_GZIP_FONT_COMPRESSION + +/* Define to 1 if on MINIX. */ +#undef _MINIX + +/* Define to 2 if the system does not provide POSIX.1 features except with + this defined. */ +#undef _POSIX_1_SOURCE + +/* Define to 1 if you need to in order for `stat' and other things to work. */ +#undef _POSIX_SOURCE + +/* Defined if needed to expose struct msghdr.msg_control */ +#undef _XOPEN_SOURCE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/configure.ac new/libXfont-1.4.7/configure.ac --- old/libXfont-1.4.6/configure.ac 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/configure.ac 2014-01-07 17:25:08.000000000 +0100 @@ -21,7 +21,7 @@ # Initialize Autoconf AC_PREREQ([2.60]) -AC_INIT([libXfont], [1.4.6], +AC_INIT([libXfont], [1.4.7], [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXfont]) AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_HEADERS([config.h include/X11/fonts/fontconf.h]) 
@@ -29,6 +29,11 @@ # Initialize Automake AM_INIT_AUTOMAKE([foreign dist-bzip2]) +# Set common system defines for POSIX extensions, such as _GNU_SOURCE +# Must be called before any macros that run the compiler (like +# AC_PROG_LIBTOOL) to avoid autoconf errors. +AC_USE_SYSTEM_EXTENSIONS + # Initialize libtool AC_PROG_LIBTOOL diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/src/FreeType/ftfuncs.c new/libXfont-1.4.7/src/FreeType/ftfuncs.c --- old/libXfont-1.4.6/src/FreeType/ftfuncs.c 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/src/FreeType/ftfuncs.c 2014-01-07 17:25:08.000000000 +0100 @@ -2050,7 +2050,7 @@ { int nRanges = 0; int result = 0; - fsRange *ranges = NULL; + fsRange *ranges = NULL, *oldRanges; char const *p, *q; p = q = str; @@ -2119,10 +2119,13 @@ fflush(stderr); #endif nRanges++; + oldRanges = ranges; ranges = realloc(ranges, nRanges*sizeof(*ranges)); - if (NULL == ranges) + if (NULL == ranges) { + free(oldRanges); break; - { + } + else { fsRange *r = ranges+nRanges-1; r->min_char_low = minpoint & 0xff; @@ -2204,7 +2207,7 @@ strcpy(*dynStrRealFileName+dirLen, p2+1); capHead = p1; } else { - *dynStrRealFileName = xstrdup(fileName); + *dynStrRealFileName = strdup(fileName); if( *dynStrRealFileName == NULL ) { result = AllocError; goto quit; @@ -2289,13 +2292,11 @@ } } else{ - *dynStrFTFileName = malloc(strlen(*dynStrRealFileName)+1); + *dynStrFTFileName = strdup(*dynStrRealFileName); if( *dynStrFTFileName == NULL ){ result = AllocError; goto quit; } - **dynStrFTFileName = '\0'; - strcat(*dynStrFTFileName,*dynStrRealFileName); } } /* 
@@ -2549,7 +2550,7 @@ if (SPropRecValList_search_record(&listPropRecVal, &contRecValue, "CodeRange")) { - *dynStrTTCapCodeRange = xstrdup(SPropContainer_value_str(contRecValue)); + *dynStrTTCapCodeRange = strdup(SPropContainer_value_str(contRecValue)); if( *dynStrTTCapCodeRange == NULL ) { result = AllocError; goto quit; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/src/FreeType/xttcap.c new/libXfont-1.4.7/src/FreeType/xttcap.c --- old/libXfont-1.4.6/src/FreeType/xttcap.c 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/src/FreeType/xttcap.c 2014-01-07 17:25:08.000000000 +0100 @@ -234,14 +234,13 @@ { char *p; - if (NULL == (p = malloc(strlen(strValue)+1))) { + if (NULL == (p = strdup(strValue))) { fprintf(stderr, "truetype font property : " "cannot allocate memory.\n"); result = True; goto quit; } - strcpy(p, strValue); SPropContainer_value_str(&tmpContainerE) = p; } break; 
@@ -682,24 +681,4 @@ return result; } - -/************************************************************************** - Functions (xttmisc) - */ - -/* strdup clone with using the allocator of X server */ -char * -XttXstrdup(char const *str) -{ - char *result; - - result = malloc(strlen(str)+1); - - if (result) - strcpy(result, str); - - return result; -} - - /* end of file */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/src/FreeType/xttcap.h new/libXfont-1.4.7/src/FreeType/xttcap.h --- old/libXfont-1.4.6/src/FreeType/xttcap.h 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/src/FreeType/xttcap.h 2014-01-07 17:25:08.000000000 +0100 @@ -116,15 +116,6 @@ #define SPropContainer_value_str(contRecVal)\ ((contRecVal)->uValue.dynStringValue) -/****************************************************** - Prototypes (xttmisc) - */ - -/* strdup clone */ -char * XttXstrdup(char const *str); -#undef xstrdup -#define xstrdup(s) XttXstrdup((char const*)s) - #endif /* !def _XTTCAP_H_ */ /* end of file */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/src/bitmap/bdfread.c new/libXfont-1.4.7/src/bitmap/bdfread.c --- old/libXfont-1.4.6/src/bitmap/bdfread.c 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/src/bitmap/bdfread.c 2014-01-07 17:25:08.000000000 +0100 
@@ -69,6 +69,7 @@ #define INDICES 256 #define MAXENCODING 0xFFFF #define BDFLINELEN 1024 +#define BDFLINESTR "%1023s" /* scanf specifier to read a BDFLINELEN string */ static Bool bdfPadToTerminal(FontPtr pFont); extern int bdfFileLineNum; @@ -338,7 +339,7 @@ char charName[100]; int ignore; - if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) { + if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) { bdfError("bad character name in BDF file\n"); goto BAILOUT; /* bottom of function, free and return error */ } @@ -544,13 +545,18 @@ unsigned char lineBuf[BDFLINELEN]; line = bdfGetLine(file, lineBuf, BDFLINELEN); - if (!line || sscanf((char *) line, "STARTFONT %s", namebuf) != 1 || + if (!line || + sscanf((char *) line, "STARTFONT " BDFLINESTR, namebuf) != 1 || !bdfStrEqual(namebuf, "2.1")) { bdfError("bad 'STARTFONT'\n"); return (FALSE); } line = bdfGetLine(file, lineBuf, BDFLINELEN); - if (!line || sscanf((char *) line, "FONT %[^\n]", pState->fontName) != 1) { +#if MAXFONTNAMELEN != 1024 +# error "need to adjust sscanf length limit to be MAXFONTNAMELEN - 1" +#endif + if (!line || + sscanf((char *) line, "FONT %1023[^\n]", pState->fontName) != 1) { bdfError("bad 'FONT'\n"); return (FALSE); } 
@@ -633,7 +639,9 @@ while (*line && isspace(*line)) line++; - switch (sscanf((char *) line, "%s%s%s", namebuf, secondbuf, thirdbuf)) { + switch (sscanf((char *) line, + BDFLINESTR BDFLINESTR BDFLINESTR, + namebuf, secondbuf, thirdbuf)) { default: bdfError("missing '%s' parameter value\n", namebuf); goto BAILOUT; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/src/fontfile/fontdir.c new/libXfont-1.4.7/src/fontfile/fontdir.c --- old/libXfont-1.4.6/src/fontfile/fontdir.c 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/src/fontfile/fontdir.c 2014-01-07 17:25:08.000000000 +0100 @@ -425,17 +425,13 @@ return ndashes; } +/* exported in public API in <X11/fonts/fntfil.h> */ char * FontFileSaveString (char *s) { - char *n; - - n = malloc (strlen (s) + 1); - if (!n) - return 0; - strcpy (n, s); - return n; + return strdup(s); } +#define FontFileSaveString(s) strdup(s) FontEntryPtr FontFileFindNameInScalableDir(FontTablePtr table, FontNamePtr pat, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/src/util/atom.c new/libXfont-1.4.7/src/util/atom.c --- old/libXfont-1.4.6/src/util/atom.c 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/src/util/atom.c 2014-01-07 17:25:08.000000000 +0100 
@@ -118,19 +118,23 @@ static int ResizeReverseMap (void) { - int ret = TRUE; + AtomListPtr *newMap; + int newMapSize; + if (reverseMapSize == 0) - reverseMapSize = 1000; + newMapSize = 1000; else - reverseMapSize *= 2; - reverseMap = realloc (reverseMap, reverseMapSize * sizeof (AtomListPtr)); - if (!reverseMap) { + newMapSize = reverseMapSize * 2; + newMap = realloc (reverseMap, newMapSize * sizeof (AtomListPtr)); + if (newMap == NULL) { fprintf(stderr, "ResizeReverseMap(): Error: Couldn't reallocate" " reverseMap (%ld)\n", - reverseMapSize * (unsigned long)sizeof(AtomListPtr)); - ret = FALSE; + newMapSize * (unsigned long)sizeof(AtomListPtr)); + return FALSE; } - return ret; + reverseMap = newMap; + reverseMapSize = newMapSize; + return TRUE; } static int diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXfont-1.4.6/src/util/miscutil.c new/libXfont-1.4.7/src/util/miscutil.c --- old/libXfont-1.4.6/src/util/miscutil.c 2013-07-22 01:54:01.000000000 +0200 +++ new/libXfont-1.4.7/src/util/miscutil.c 2014-01-07 17:25:08.000000000 +0100 @@ -47,7 +47,7 @@ #ifndef NO_WEAK_SYMBOLS /* make sure everything initializes themselves at least once */ -weak long serverGeneration = 1; +weak unsigned long serverGeneration = 1; #endif weak void -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
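Review bot: in the bdfread.c hunk at @@ -69,6 +69,7 @@, `#define BDFLINESTR "%1023s"` hard-codes a width that has to stay equal to BDFLINELEN - 1, and nothing enforces that: if BDFLINELEN is ever resized the scanf limit silently stops matching the buffers, which is the class of defect this patch is closing. The FONT hunk protects its own hard-coded width with `#if MAXFONTNAMELEN != 1024` / `# error`; give BDFLINESTR the same treatment (`#if BDFLINELEN != 1024` followed by `# error "adjust BDFLINESTR"`) or build the string from BDFLINELEN with a stringify macro so the two cannot drift apart.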
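Review bot: the bdfread.c hunk at @@ -633,7 +639,9 @@ applies the fixed `%1023s` width to three destinations (`namebuf`, `secondbuf`, `thirdbuf`) whose declarations are not in the diff, so the hunk alone does not show that each is at least BDFLINELEN bytes. Please confirm all three are declared with BDFLINELEN (a short comment at the declaration noting they must match BDFLINESTR would make the coupling visible), since a smaller buffer here would turn the limited read into the very overflow the change is meant to prevent.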
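Review bot: in the ftfuncs.c hunk at @@ -2119,10 +2119,13 @@ the realloc failure path now does `free(oldRanges); break;` but sets no error status in the visible lines, and `nRanges` was already incremented before the call, so after the `break` the function continues with `ranges == NULL` and `nRanges > 0`. The earlier hunk shows `int result = 0;`, so the caller presumably reads `result` to learn whether parsing succeeded; unless code after the loop checks `ranges` for NULL, consider setting `result` to the allocation error value (and resetting `nRanges`) before the `break` so a failed allocation is not reported as success with a stale count.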
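Review bot: in the fontdir.c hunk at @@ -425,17 +425,13 @@, the function-like macro `#define FontFileSaveString(s) strdup(s)` placed directly after the function definition is correct C (the definition is already past the preprocessor by then) but reads as a mistake on first sight: the exported symbol is kept for the public API in `<X11/fonts/fntfil.h>` while every later use in this file is rewritten to `strdup`. The comment above the function explains only the first half; extend it to say the macro is intentional and why, so the next reader does not "fix" it.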
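Review bot: in the atom.c hunk at @@ -118,19 +118,23 @@, the error message still prints `newMapSize * (unsigned long)sizeof(AtomListPtr)` with `%ld`, a signed conversion for an unsigned long argument; since the line is being touched anyway, change the specifier to `%lu`. The restructuring itself is right: `newMap`/`newMapSize` are only copied into `reverseMap`/`reverseMapSize` after realloc succeeds, so the old map and its size stay consistent on failure.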
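Review bot: the xttcap.h hunk at @@ -116,15 +116,6 @@ removes the `#undef xstrdup` / `#define xstrdup(s) XttXstrdup(...)` pair, so any remaining `xstrdup` call in a file that includes this header now either fails to compile or silently binds to some other definition. The visible hunks convert two call sites in ftfuncs.c (`*dynStrRealFileName` and `*dynStrTTCapCodeRange`); please confirm a grep over the FreeType directory finds no others before merging, and mention the removal of the `XttXstrdup` symbol in the commit message since it was declared in a header.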
