Hello community, here is the log from the commit of package libXi for openSUSE:Factory checked in at 2017-01-25 22:36:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libXi (Old) and /work/SRC/openSUSE:Factory/.libXi.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libXi" Changes: -------- --- /work/SRC/openSUSE:Factory/libXi/libXi.changes 2016-11-05 21:21:58.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libXi.new/libXi.changes 2017-01-25 22:36:10.702033473 +0100 @@ -1,0 +2,8 @@ +Mon Jan 23 09:58:45 UTC 2017 - [email protected] + +- Update to version 1.7.9: + * Plug a memory leak + * Check that allocating a buffer succeeded + * Fix possible free of uninitialized pointer + +------------------------------------------------------------------- Old: ---- libXi-1.7.8.tar.bz2 New: ---- libXi-1.7.9.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libXi.spec ++++++ --- /var/tmp/diff_new_pack.G6Waxp/_old 2017-01-25 22:36:11.121969978 +0100 +++ /var/tmp/diff_new_pack.G6Waxp/_new 2017-01-25 22:36:11.125969374 +0100 @@ -1,7 +1,7 @@ # # spec file for package libXi # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ Name: libXi %define lname libXi6 -Version: 1.7.8 +Version: 1.7.9 Release: 0 Summary: X Input Extension library License: MIT ++++++ libXi-1.7.8.tar.bz2 -> libXi-1.7.9.tar.bz2 ++++++ ++++ 6067 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXi-1.7.8/ChangeLog new/libXi-1.7.9/ChangeLog --- old/libXi-1.7.8/ChangeLog 2016-10-25 04:45:17.000000000 +0200 +++ new/libXi-1.7.9/ChangeLog 2017-01-23 04:59:29.000000000 +0100 @@ -1,3 +1,53 @@ +commit b87c312590877800b4e18a17a012b47839f5c06b +Author: Peter Hutterer <[email protected]> +Date: Mon Jan 23 13:44:58 2017 +1000 + + libXi 1.7.9 + + Signed-off-by: Peter Hutterer <[email protected]> + +commit 557b60798a9da49386f1034b133838332735de22 +Author: Emilio Pozuelo Monfort <[email protected]> +Date: Tue Dec 27 17:24:10 2016 +0100 + + Fix possible free of uninitialized pointer + + If the _XReply() call fails, we'll try to free an uninitialized + pointer. + + https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849026 + + Reported-by: Thomas Walker <[email protected]> + Signed-off-by: Emilio Pozuelo Monfort <[email protected]> + Reviewed-by: Julien Cristau <[email protected]> + Tested-by: Thomas Walker <[email protected]> + Signed-off-by: Julien Cristau <[email protected]> + +commit 4c5c8d6246debc06a56120cff71bfdf1877884d0 +Author: Emilio Pozuelo Monfort <[email protected]> +Date: Tue Oct 25 21:31:19 2016 +0200 + + Check that allocating a buffer succeeded + + Since we are going to write into the buffer, we should make sure the + allocation didn't fail. + + Reported-by: Julien Cristau <[email protected]> + Signed-off-by: Emilio Pozuelo Monfort <[email protected]> + Signed-off-by: Peter Hutterer <[email protected]> + +commit 7ac03c6c1907a39b5b42b17ad331295b8c85154d +Author: Emilio Pozuelo Monfort <[email protected]> +Date: Tue Oct 25 21:31:18 2016 +0200 + + Plug a memory leak + + Introduced in commit 19a9cd6. + + Reported-by: Julien Cristau <[email protected]> + Signed-off-by: Emilio Pozuelo Monfort <[email protected]> + Signed-off-by: Peter Hutterer <[email protected]> + commit 1bdeb431c3cc9eec7e12fdd29a83237f2f228865 Author: Peter Hutterer <[email protected]> Date: Tue Oct 25 12:43:44 2016 +1000 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXi-1.7.8/configure.ac new/libXi-1.7.9/configure.ac --- old/libXi-1.7.8/configure.ac 2016-10-25 04:43:32.000000000 +0200 +++ new/libXi-1.7.9/configure.ac 2017-01-23 04:44:51.000000000 +0100 @@ -1,7 +1,7 @@ # Initialize Autoconf AC_PREREQ([2.60]) -AC_INIT([libXi], [1.7.8], +AC_INIT([libXi], [1.7.9], [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXi]) AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_HEADERS([src/config.h]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libXi-1.7.8/src/XIQueryDevice.c new/libXi-1.7.9/src/XIQueryDevice.c --- old/libXi-1.7.8/src/XIQueryDevice.c 2016-10-13 02:56:34.000000000 +0200 +++ new/libXi-1.7.9/src/XIQueryDevice.c 2017-01-23 04:44:06.000000000 +0100 @@ -46,7 +46,7 @@ char *ptr; char *end; int i; - char *buf; + char *buf = NULL; XExtDisplayInfo *extinfo = XInput_find_display(dpy); @@ -66,17 +66,18 @@ { *ndevices_return = reply.num_devices; info = Xmalloc((reply.num_devices + 1) * sizeof(XIDeviceInfo)); + buf = Xmalloc(reply.length * 4); } else { *ndevices_return = 0; info = NULL; + buf = NULL; } - if (!info) + if (!info || !buf) goto error; - buf = Xmalloc(reply.length * 4); _XRead(dpy, buf, reply.length * 4); ptr = buf; end = buf + reply.length * 4; @@ -136,6 +137,8 @@ Xfree(info[i].classes); } error: + Xfree(info); + Xfree(buf); UnlockDisplay(dpy); error_unlocked: SyncHandle();
