Hello community, here is the log from the commit of package xorgxrdp for openSUSE:Factory checked in at 2018-09-24 13:12:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xorgxrdp (Old) and /work/SRC/openSUSE:Factory/.xorgxrdp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xorgxrdp" Mon Sep 24 13:12:55 2018 rev:9 rq:637022 version:0.2.8 Changes: -------- --- /work/SRC/openSUSE:Factory/xorgxrdp/xorgxrdp.changes 2018-08-06 11:54:55.349311546 +0200 +++ /work/SRC/openSUSE:Factory/.xorgxrdp.new/xorgxrdp.changes 2018-09-24 13:12:58.441736997 +0200 @@ -1,0 +2,6 @@ +Thu Sep 20 08:57:44 UTC 2018 - [email protected] + +- Update to version 0.2.8 + + Fix invalid memory access issues #124 #125 + +------------------------------------------------------------------- Old: ---- xorgxrdp-0.2.7.tar.gz xorgxrdp-0.2.7.tar.gz.asc New: ---- xorgxrdp-0.2.8.tar.gz xorgxrdp-0.2.8.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xorgxrdp.spec ++++++ --- /var/tmp/diff_new_pack.i4b4LA/_old 2018-09-24 13:12:58.849736283 +0200 +++ /var/tmp/diff_new_pack.i4b4LA/_new 2018-09-24 13:12:58.853736276 +0200 @@ -12,12 +12,12 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: xorgxrdp -Version: 0.2.7 +Version: 0.2.8 Release: 0 Summary: Xorg drivers for xrdp License: X11 ++++++ xorgxrdp-0.2.7.tar.gz -> xorgxrdp-0.2.8.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorgxrdp-0.2.7/README.md new/xorgxrdp-0.2.8/README.md --- old/xorgxrdp-0.2.7/README.md 2018-06-18 15:32:27.000000000 +0200 +++ new/xorgxrdp-0.2.8/README.md 2018-09-18 04:36:30.000000000 +0200 @@ -1,6 +1,6 @@ [](https://travis-ci.org/neutrinolabs/xorgxrdp) -*Current Version:* 0.2.7 +*Current Version:* 0.2.8 # xorgxrdp diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorgxrdp-0.2.7/configure new/xorgxrdp-0.2.8/configure --- old/xorgxrdp-0.2.7/configure 2018-06-18 15:35:56.000000000 +0200 +++ new/xorgxrdp-0.2.8/configure 2018-09-18 04:56:51.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for xorgxrdp 0.2.7. +# Generated by GNU Autoconf 2.69 for xorgxrdp 0.2.8. # # Report bugs to <[email protected]>. # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='xorgxrdp' PACKAGE_TARNAME='xorgxrdp' -PACKAGE_VERSION='0.2.7' -PACKAGE_STRING='xorgxrdp 0.2.7' +PACKAGE_VERSION='0.2.8' +PACKAGE_STRING='xorgxrdp 0.2.8' PACKAGE_BUGREPORT='[email protected]' PACKAGE_URL='' @@ -1338,7 +1338,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures xorgxrdp 0.2.7 to adapt to many kinds of systems. +\`configure' configures xorgxrdp 0.2.8 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1408,7 +1408,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of xorgxrdp 0.2.7:";; + short | recursive ) echo "Configuration of xorgxrdp 0.2.8:";; esac cat <<\_ACEOF @@ -1532,7 +1532,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -xorgxrdp configure 0.2.7 +xorgxrdp configure 0.2.8 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1810,7 +1810,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by xorgxrdp $as_me 0.2.7, which was +It was created by xorgxrdp $as_me 0.2.8, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2684,7 +2684,7 @@ # Define the identity of the package. PACKAGE='xorgxrdp' - VERSION='0.2.7' + VERSION='0.2.8' cat >>confdefs.h <<_ACEOF @@ -13533,7 +13533,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by xorgxrdp $as_me 0.2.7, which was +This file was extended by xorgxrdp $as_me 0.2.8, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -13599,7 +13599,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -xorgxrdp config.status 0.2.7 +xorgxrdp config.status 0.2.8 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorgxrdp-0.2.7/configure.ac new/xorgxrdp-0.2.8/configure.ac --- old/xorgxrdp-0.2.7/configure.ac 2018-06-18 15:32:27.000000000 +0200 +++ new/xorgxrdp-0.2.8/configure.ac 2018-09-18 04:36:30.000000000 +0200 @@ -2,7 +2,7 @@ AC_PREREQ(2.65) # package version must be x.y.z -AC_INIT([xorgxrdp], [0.2.7], [[email protected]]) +AC_INIT([xorgxrdp], [0.2.8], [[email protected]]) package_version_major=$(echo ${PACKAGE_VERSION}|cut -d. -f1) package_version_minor=$(echo ${PACKAGE_VERSION}|cut -d. -f2) package_version_patchlevel=$(echo ${PACKAGE_VERSION}|cut -d. -f3) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorgxrdp-0.2.7/module/rdpClientCon.c new/xorgxrdp-0.2.8/module/rdpClientCon.c --- old/xorgxrdp-0.2.7/module/rdpClientCon.c 2018-02-14 17:44:23.000000000 +0100 +++ new/xorgxrdp-0.2.8/module/rdpClientCon.c 2018-09-18 04:36:30.000000000 +0200 @@ -149,6 +149,56 @@ #endif /******************************************************************************/ +static void +rdpAddClientConToDev(rdpPtr dev, rdpClientCon *clientCon) +{ + clientCon->next = NULL; + clientCon->prev = dev->clientConTail; + + if (dev->clientConTail == NULL) + { + LLOGLN(0, ("rdpAddClientConToDev: adding first clientCon %p", + clientCon)); + dev->clientConHead = clientCon; + } + else + { + LLOGLN(0, ("rdpAddClientConToDev: adding clientCon %p", + clientCon)); + dev->clientConTail->next = clientCon; + } + dev->clientConTail = clientCon; +} + +/******************************************************************************/ +static void +rdpRemoveClientConFromDev(rdpPtr dev, rdpClientCon *clientCon) +{ + LLOGLN(0, ("rdpRemoveClientConFromDev: removing clientCon %p", + clientCon)); + + if (clientCon->prev == NULL) + { + /* first in list */ + dev->clientConHead = clientCon->next; + } + else + { + clientCon->prev->next = clientCon->next; + } + + if (clientCon->next == NULL) + { + /* last in list */ + dev->clientConTail = clientCon->prev; + } + else + { + clientCon->next->prev = clientCon->prev; + } +} + +/******************************************************************************/ static int rdpClientConGotConnection(ScreenPtr pScreen, rdpPtr dev) { @@ -178,7 +228,6 @@ g_sck_set_non_blocking(clientCon->sck); g_sck_tcp_set_no_delay(clientCon->sck); /* only works if TCP */ clientCon->connected = TRUE; - clientCon->sckClosed = FALSE; clientCon->begin = FALSE; dev->conNumber++; clientCon->conNumber = dev->conNumber; @@ -188,25 +237,15 @@ #if 1 if (dev->clientConTail != NULL) { - LLOGLN(0, ("rdpClientConGotConnection: disconnecting only clientCon")); - rdpClientConDisconnect(dev, dev->clientConTail); - dev->clientConHead = NULL; - dev->clientConTail = NULL; + /* Only allow one client at a time */ + LLOGLN(0, ("rdpClientConGotConnection: " + "marking only clientCon %p for disconnect", + dev->clientConTail)); + dev->clientConTail->connected = FALSE; } #endif - if (dev->clientConTail == NULL) - { - LLOGLN(0, ("rdpClientConGotConnection: adding only clientCon")); - dev->clientConHead = clientCon; - dev->clientConTail = clientCon; - } - else - { - LLOGLN(0, ("rdpClientConGotConnection: adding clientCon")); - dev->clientConTail->next = clientCon; - dev->clientConTail = clientCon; - } + rdpAddClientConToDev(dev, clientCon); clientCon->dirtyRegion = rdpRegionCreate(NullBox, 0); clientCon->shmRegion = rdpRegionCreate(NullBox, 0); @@ -259,8 +298,6 @@ rdpClientConDisconnect(rdpPtr dev, rdpClientCon *clientCon) { int index; - rdpClientCon *pcli; - rdpClientCon *plcli; LLOGLN(0, ("rdpClientConDisconnect:")); if (dev->do_kill_disconnected) @@ -293,38 +330,8 @@ } free(clientCon->osBitmaps); - plcli = NULL; - pcli = dev->clientConHead; - while (pcli != NULL) - { - if (pcli == clientCon) - { - if (plcli == NULL) - { - /* removing first item */ - dev->clientConHead = pcli->next; - if (dev->clientConHead == NULL) - { - /* removed only */ - dev->clientConTail = NULL; - } - } - else - { - plcli->next = pcli->next; - if (pcli == dev->clientConTail) - { - /* removed last */ - dev->clientConTail = plcli; - } - } - LLOGLN(0, ("rdpClientConDisconnect: clientCon removed from " - "dev list")); - break; - } - plcli = pcli; - pcli = pcli->next; - } + rdpRemoveClientConFromDev(dev, clientCon); + rdpRegionDestroy(clientCon->dirtyRegion); rdpRegionDestroy(clientCon->shmRegion); if (clientCon->updateTimer != NULL) @@ -347,7 +354,7 @@ LLOGLN(10, ("rdpClientConSend - sending %d bytes", len)); - if (clientCon->sckClosed) + if (!clientCon->connected) { return 1; } @@ -365,14 +372,14 @@ else { LLOGLN(0, ("rdpClientConSend: g_tcp_send failed(returned -1)")); - rdpClientConDisconnect(dev, clientCon); + clientCon->connected = FALSE; return 1; } } else if (sent == 0) { LLOGLN(0, ("rdpClientConSend: g_tcp_send failed(returned zero)")); - rdpClientConDisconnect(dev, clientCon); + clientCon->connected = FALSE; return 1; } else @@ -452,7 +459,7 @@ { int rcvd; - if (clientCon->sckClosed) + if (!clientCon->connected) { return 1; } @@ -470,14 +477,14 @@ else { LLOGLN(0, ("rdpClientConRecv: g_sck_recv failed(returned -1)")); - rdpClientConDisconnect(dev, clientCon); + clientCon->connected = FALSE; return 1; } } else if (rcvd == 0) { LLOGLN(0, ("rdpClientConRecv: g_sck_recv failed(returned 0)")); - rdpClientConDisconnect(dev, clientCon); + clientCon->connected = FALSE; return 1; } else @@ -1062,6 +1069,7 @@ { rdpPtr dev; rdpClientCon *clientCon; + rdpClientCon *nextCon; fd_set rfds; struct timeval time; int max; @@ -1093,6 +1101,15 @@ clientCon = dev->clientConHead; while (clientCon != NULL) { + if (!clientCon->connected) + { + /* I/O error on this client - remove it */ + nextCon = clientCon->next; + rdpClientConDisconnect(dev, clientCon); + clientCon = nextCon; + continue; + } + if (clientCon->sck > 0) { count++; @@ -1145,18 +1162,17 @@ LLOGLN(0, ("rdpClientConCheck: got disconnection request")); /* disconnect all clients */ - clientCon = dev->clientConHead; - while (clientCon != NULL) + while (dev->clientConHead != NULL) { - rdpClientConDisconnect(dev, clientCon); - clientCon = clientCon->next; + rdpClientConDisconnect(dev, dev->clientConHead); } } } } - clientCon = dev->clientConHead; - while (clientCon != NULL) + for (clientCon = dev->clientConHead; + clientCon != NULL; + clientCon = clientCon->next) { if (clientCon->sck > 0) { @@ -1165,8 +1181,7 @@ if (rdpClientConGotData(pScreen, dev, clientCon) != 0) { LLOGLN(0, ("rdpClientConCheck: rdpClientConGotData failed")); - clientCon = dev->clientConHead; - continue; + continue; /* skip other socket checks for this clientCon */ } } } @@ -1177,7 +1192,6 @@ if (rdpClientConGotControlConnection(pScreen, dev, clientCon) != 0) { LLOGLN(0, ("rdpClientConCheck: rdpClientConGotControlConnection failed")); - clientCon = dev->clientConHead; continue; } } @@ -1189,12 +1203,10 @@ if (rdpClientConGotControlData(pScreen, dev, clientCon) != 0) { LLOGLN(0, ("rdpClientConCheck: rdpClientConGotControlData failed")); - clientCon = dev->clientConHead; continue; } } } - clientCon = clientCon->next; } return 0; } @@ -1299,12 +1311,10 @@ { LLOGLN(0, ("rdpClientConDeinit:")); - if (dev->clientConTail != NULL) + while (dev->clientConTail != NULL) { - LLOGLN(0, ("rdpClientConDeinit: disconnecting only clientCon")); + LLOGLN(0, ("rdpClientConDeinit: disconnecting clientCon")); rdpClientConDisconnect(dev, dev->clientConTail); - dev->clientConHead = NULL; - dev->clientConTail = NULL; } if (dev->listen_sck != 0) @@ -1332,19 +1342,16 @@ { LLOGLN(10, ("rdpClientConBeginUpdate:")); - if (clientCon->connected) + if (clientCon->begin) { - if (clientCon->begin) - { - return 0; - } - init_stream(clientCon->out_s, 0); - s_push_layer(clientCon->out_s, iso_hdr, 8); - out_uint16_le(clientCon->out_s, 1); /* begin update */ - out_uint16_le(clientCon->out_s, 4); /* size */ - clientCon->begin = TRUE; - clientCon->count = 1; + return 0; } + init_stream(clientCon->out_s, 0); + s_push_layer(clientCon->out_s, iso_hdr, 8); + out_uint16_le(clientCon->out_s, 1); /* begin update */ + out_uint16_le(clientCon->out_s, 4); /* size */ + clientCon->begin = TRUE; + clientCon->count = 1; return 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorgxrdp-0.2.7/module/rdpClientCon.h new/xorgxrdp-0.2.8/module/rdpClientCon.h --- old/xorgxrdp-0.2.7/module/rdpClientCon.h 2017-08-09 06:45:44.000000000 +0200 +++ new/xorgxrdp-0.2.8/module/rdpClientCon.h 2018-09-18 04:36:30.000000000 +0200 @@ -62,10 +62,9 @@ int rectIdAck; int rectId; - int connected; /* boolean */ + int connected; /* boolean. Set to False when I/O fails */ int begin; /* boolean */ int count; - int sckClosed; /* boolean */ struct rdpup_os_bitmap *osBitmaps; int maxOsBitmaps; int osBitmapStamp; @@ -114,6 +113,7 @@ int *rfx_crcs; struct _rdpClientCon *next; + struct _rdpClientCon *prev; }; extern _X_EXPORT int diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/xorgxrdp-0.2.7/xrdpmouse/rdpMouse.c new/xorgxrdp-0.2.8/xrdpmouse/rdpMouse.c --- old/xorgxrdp-0.2.7/xrdpmouse/rdpMouse.c 2017-08-09 06:45:44.000000000 +0200 +++ new/xorgxrdp-0.2.8/xrdpmouse/rdpMouse.c 2018-08-30 07:52:18.000000000 +0200 @@ -234,11 +234,13 @@ static int rdpmouseControl(DeviceIntPtr device, int what) { - BYTE map[9]; +#define NBUTTONS 9 + BYTE map[NBUTTONS + 1]; /* Indexed from 1 */ DevicePtr pDev; - Atom btn_labels[9]; + Atom btn_labels[NBUTTONS]; Atom axes_labels[2]; rdpPtr dev; + int i; LLOGLN(0, ("rdpmouseControl: what %d", what)); pDev = (DevicePtr)device; @@ -247,15 +249,10 @@ { case DEVICE_INIT: rdpmouseDeviceInit(); - map[0] = 0; - map[1] = 1; - map[2] = 2; - map[3] = 3; - map[4] = 4; - map[5] = 5; - map[6] = 6; - map[7] = 7; - map[8] = 8; + for (i = 0 ; i <= NBUTTONS; ++i) /* element 0 not used */ + { + map[i] = i; + } btn_labels[0] = XIGetKnownProperty(BTN_LABEL_PROP_BTN_LEFT); btn_labels[1] = XIGetKnownProperty(BTN_LABEL_PROP_BTN_MIDDLE); @@ -270,7 +267,7 @@ axes_labels[0] = XIGetKnownProperty(AXIS_LABEL_PROP_REL_X); axes_labels[1] = XIGetKnownProperty(AXIS_LABEL_PROP_REL_Y); - InitPointerDeviceStruct(pDev, map, 9, btn_labels, rdpmouseCtrl, + InitPointerDeviceStruct(pDev, map, NBUTTONS, btn_labels, rdpmouseCtrl, GetMotionHistorySize(), 2, axes_labels); dev = rdpGetDevFromScreen(NULL); dev->pointer.device = device; @@ -295,6 +292,7 @@ } return Success; +#undef NBUTTONS } #if XORG_VERSION_CURRENT < XORG_VERSION_NUMERIC(1, 9, 0, 1, 0)
