rpms/libX11
7
0
Fork 0
Code Issues Pull Requests Releases Activity

libX11 1.1.2, with full frontal XCB action.

Browse Source
This commit is contained in:
Adam Jackson 2007-07-23 17:29:04 +00:00
parent e027b9cba6
commit 0b657aad05
6 changed files with 15 additions and 229 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cvsignore
View File

@ -1 +1 @@
libX11-1.0.3.tar.bz2
libX11-1.1.2.tar.bz2

95
libX11-cve-2007-1667.patch
View File

@ -1,95 +0,0 @@
From: Matthieu Herrb <matthieu@roadrock.(none)>
Date: Tue, 3 Apr 2007 13:39:52 +0000 (+0200)
Subject: Multiple integer overflows in the XGetPixel() and XInitImage functions
X-Git-Url: http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=commitdiff;h=7dc7ef398b6ad90ccd1680ed9cd1cfdd47312f5a
Multiple integer overflows in the XGetPixel() and XInitImage functions
CVE-2007-1667
---
--- a/src/ImUtil.c
+++ b/src/ImUtil.c
@@ -327,12 +327,13 @@ XImage *XCreateImage (dpy, visual, depth
{
register XImage *image;
int bits_per_pixel = 1;
+ int min_bytes_per_line;
if (depth == 0 || depth > 32 ||
(format != XYBitmap && format != XYPixmap && format != ZPixmap) ||
(format == XYBitmap && depth != 1) ||
(xpad != 8 && xpad != 16 && xpad != 32) ||
- offset < 0 || image_bytes_per_line < 0)
+ offset < 0)
return (XImage *) NULL;
if ((image = (XImage *) Xcalloc(1, (unsigned) sizeof(XImage))) == NULL)
return (XImage *) NULL;
@@ -363,16 +364,21 @@ XImage *XCreateImage (dpy, visual, depth
/*
* compute per line accelerator.
*/
- if (image_bytes_per_line == 0)
{
if (format == ZPixmap)
- image->bytes_per_line =
+ min_bytes_per_line =
ROUNDUP((bits_per_pixel * width), image->bitmap_pad);
else
- image->bytes_per_line =
+ min_bytes_per_line =
ROUNDUP((width + offset), image->bitmap_pad);
}
- else image->bytes_per_line = image_bytes_per_line;
+ if (image_bytes_per_line == 0) {
+ image->bytes_per_line = min_bytes_per_line;
+ } else if (image_bytes_per_line < min_bytes_per_line) {
+ return 0;
+ } else {
+ image->bytes_per_line = image_bytes_per_line;
+ }
image->bits_per_pixel = bits_per_pixel;
image->obdata = NULL;
@@ -384,7 +390,11 @@ XImage *XCreateImage (dpy, visual, depth
Status XInitImage (image)
XImage *image;
{
+ int min_bytes_per_line;
+
if (image->depth == 0 || image->depth > 32 ||
+ image->bits_per_pixel > 32 || image->bitmap_unit > 32 ||
+ image->bits_per_pixel < 0 || image->bitmap_unit < 0 ||
(image->format != XYBitmap &&
image->format != XYPixmap &&
image->format != ZPixmap) ||
@@ -392,21 +402,24 @@ Status XInitImage (image)
(image->bitmap_pad != 8 &&
image->bitmap_pad != 16 &&
image->bitmap_pad != 32) ||
- image->xoffset < 0 || image->bytes_per_line < 0)
+ image->xoffset < 0)
return 0;
/*
* compute per line accelerator.
*/
- if (image->bytes_per_line == 0)
- {
if (image->format == ZPixmap)
- image->bytes_per_line =
+ min_bytes_per_line =
ROUNDUP((image->bits_per_pixel * image->width),
image->bitmap_pad);
else
- image->bytes_per_line =
+ min_bytes_per_line =
ROUNDUP((image->width + image->xoffset), image->bitmap_pad);
+
+ if (image->bytes_per_line == 0) {
+ image->bytes_per_line = min_bytes_per_line;
+ } else if (image->bytes_per_line < min_bytes_per_line) {
+ return 0;
}
_XInitImageFuncPtrs (image);

11
libX11-fd-leak.patch
View File

@ -1,11 +0,0 @@
diff -urNad libx11-1.0.3~/modules/im/ximcp/imLcIm.c libx11-1.0.3/modules/im/ximcp/imLcIm.c
--- libx11-1.0.3~/modules/im/ximcp/imLcIm.c 2006-06-29 19:41:44.000000000 -0700
+++ libx11-1.0.3/modules/im/ximcp/imLcIm.c 2006-10-14 17:52:08.945540956 -0700
@@ -617,7 +617,6 @@
}
#endif
- fp = _XFopenFile (name, "r");
if (! (fp = _XFopenFile (name, "r"))) {
if (tmpcachedir)
Xfree (tmpcachedir);

112
libX11-nls-indic-locales-bug185376.patch
View File

@ -1,112 +0,0 @@
--- libX11-1.0.3/nls/locale.alias.pre.nls-indic-locales 2006-09-30 18:21:05.000000000 -0400
+++ libX11-1.0.3/nls/locale.alias.pre 2006-09-30 18:21:28.000000000 -0400
@@ -100,6 +100,9 @@
ar_TN.iso88596: ar_TN.ISO8859-6
ar_TN.ISO-8859-6: ar_TN.ISO8859-6
ar_TN.utf8: ar_TN.UTF-8
+as: as_IN.UTF-8
+as_IN.utf8: as_IN.UTF-8
+as_IN.UTF-8: as_IN.UTF-8
ar_YE: ar_YE.ISO8859-6
ar_YE.iso88596: ar_YE.ISO8859-6
ar_YE.ISO-8859-6: ar_YE.ISO8859-6
@@ -690,6 +693,9 @@
kl_GL.ISO-8859-1: kl_GL.ISO8859-1
kl_GL.iso885915: kl_GL.ISO8859-15
kl_GL.utf8: kl_GL.UTF-8
+kn: kn_IN.UTF-8
+kn_IN.utf8: kn_IN.UTF-8
+kn_IN.UTF-8: kn_IN.UTF-8
ko: ko_KR.eucKR
ko_KR: ko_KR.eucKR
KO_KR: ko_KR.eucKR
@@ -752,6 +758,9 @@
mk_MK.microsoft-cp1251: mk_MK.CP1251
mk_MK.MICROSOFT-CP1251: mk_MK.CP1251
mk_MK.utf8: mk_MK.UTF-8
+ml: ml_IN.UTF-8
+ml_IN.utf8: ml_IN.UTF-8
+ml_IN.UTF-8: ml_IN.UTF-8
mr_IN: mr_IN.UTF-8
mr_IN.utf8: mr_IN.UTF-8
ms: ms_MY.ISO8859-1
@@ -831,6 +840,9 @@
oc_FR.iso885915: oc_FR.ISO8859-15
oc_FR.ISO-8859-15: oc_FR.ISO8859-15
oc_FR@euro: oc_FR.ISO8859-15
+or: or_IN.UTF-8
+or_IN.utf8: or_IN.UTF-8
+or_IN.UTF-8: or_IN.UTF-8
pa_IN.utf8: pa_IN.UTF-8
pa_IN.UTF-8: pa_IN.UTF-8
pd: pd_US.ISO8859-1
@@ -1000,6 +1012,9 @@
ta_IN: ta_IN.TSCII-0
ta_IN.tscii: ta_IN.TSCII-0
ta_IN.tscii0: ta_IN.TSCII-0
+te: te_IN.UTF-8
+te_IN.utf8: te_IN.UTF-8
+te_IN.UTF-8: te_IN.UTF-8
tg: tg_TJ.KOI8-C
tg_TJ: tg_TJ.KOI8-C
tg_TJ.koi8c: tg_TJ.KOI8-C
@@ -1042,6 +1057,9 @@
uk_UA.microsoft-cp1251: uk_UA.CP1251
uk_UA.MICROSOFT-CP1251: uk_UA.CP1251
uk_UA.utf8: uk_UA.UTF-8
+ur: ur_IN.UTF-8
+ur_IN.utf8: ur_IN.UTF-8
+ur_IN.UTF-8: ur_IN.UTF-8
ur: ur_PK.CP1256
ur_PK: ur_PK.CP1256
ur_PK.cp1256: ur_PK.CP1256
--- libX11-1.0.3/nls/locale.dir.pre.nls-indic-locales 2006-09-30 18:21:22.000000000 -0400
+++ libX11-1.0.3/nls/locale.dir.pre 2006-09-30 18:22:23.000000000 -0400
@@ -27,6 +27,7 @@
iso8859-6/XLC_LOCALE: ar_SY.ISO8859-6
iso8859-6/XLC_LOCALE: ar_TN.ISO8859-6
iso8859-6/XLC_LOCALE: ar_YE.ISO8859-6
+iso8859-6/XLC_LOCALE: as_IN.ISO8859-6
iso8859-9e/XLC_LOCALE: az_AZ.ISO8859-9E
koi8-c/XLC_LOCALE: az_AZ.KOI8-C
iso8859-5/XLC_LOCALE: be_BY.ISO8859-5
@@ -350,6 +351,7 @@
ja_JP.UTF-8/XLC_LOCALE: ja_JP.UTF-8
en_US.UTF-8/XLC_LOCALE: ka_GE.UTF-8
en_US.UTF-8/XLC_LOCALE: kl_GL.UTF-8
+en_US.UTF-8/XLC_LOCALE: kn_IN.UTF-8
ko_KR.UTF-8/XLC_LOCALE: ko_KR.UTF-8
en_US.UTF-8/XLC_LOCALE: kw_GB.UTF-8
en_US.UTF-8/XLC_LOCALE: ky_KG.UTF-8
@@ -358,6 +360,7 @@
en_US.UTF-8/XLC_LOCALE: lv_LV.UTF-8
en_US.UTF-8/XLC_LOCALE: mi_NZ.UTF-8
en_US.UTF-8/XLC_LOCALE: mk_MK.UTF-8
+en_US.UTF-8/XLC_LOCALE: ml_IN.UTF-8
en_US.UTF-8/XLC_LOCALE: mr_IN.UTF-8
en_US.UTF-8/XLC_LOCALE: ms_MY.UTF-8
en_US.UTF-8/XLC_LOCALE: nl_BE.UTF-8
@@ -369,6 +372,7 @@
en_US.UTF-8/XLC_LOCALE: nso_ZA.UTF-8
en_US.UTF-8/XLC_LOCALE: ny_NO.UTF-8
en_US.UTF-8/XLC_LOCALE: oc_FR.UTF-8
+en_US.UTF-8/XLC_LOCALE: or_IN.UTF-8
en_US.UTF-8/XLC_LOCALE: pa_IN.UTF-8
en_US.UTF-8/XLC_LOCALE: pd_DE.UTF-8
en_US.UTF-8/XLC_LOCALE: pd_US.UTF-8
@@ -394,6 +398,7 @@
en_US.UTF-8/XLC_LOCALE: sv_FI.UTF-8
en_US.UTF-8/XLC_LOCALE: sv_SE.UTF-8
en_US.UTF-8/XLC_LOCALE: ta_IN.UTF-8
+en_US.UTF-8/XLC_LOCALE: te_IN.UTF-8
en_US.UTF-8/XLC_LOCALE: tg_TJ.UTF-8
th_TH.UTF-8/XLC_LOCALE: th_TH.UTF-8
en_US.UTF-8/XLC_LOCALE: ti_ER.UTF-8
@@ -404,6 +409,7 @@
en_US.UTF-8/XLC_LOCALE: ts_ZA.UTF-8
en_US.UTF-8/XLC_LOCALE: tt_RU.UTF-8
en_US.UTF-8/XLC_LOCALE: uk_UA.UTF-8
+en_US.UTF-8/XLC_LOCALE: ur_IN.UTF-8
en_US.UTF-8/XLC_LOCALE: ur_PK.UTF-8
en_US.UTF-8/XLC_LOCALE: uz_UZ.UTF-8
en_US.UTF-8/XLC_LOCALE: ve_ZA.UTF-8

22
libX11.spec
View File

@ -1,7 +1,7 @@
Summary: X.Org X11 libX11 runtime library
Name: libX11
Version: 1.0.3
Release: 9%{?dist}
Version: 1.1.2
Release: 1%{?dist}
License: MIT/X11
Group: System Environment/Libraries
URL: http://www.x.org
@ -13,16 +13,14 @@ Patch0: libX11-0.99.3-datadir-locale-dir-fix.patch
# FIXME: https://bugs.freedesktop.org/show_bug.cgi?id=3646 seems to indicate
# this patch is now committed upstream. When libX11-1.0.4 is released,
# manually confirm each patch hunk before removal.
Patch1: libX11-nls-indic-locales-bug185376.patch
Patch2: dont-forward-keycode-0.patch
Patch3: bug-201284.patch
Patch4: libX11-fd-leak.patch
Patch5: libX11-cve-2007-1667.patch
BuildRequires: pkgconfig
# xproto >= 7.0.6 required
BuildRequires: xorg-x11-proto-devel >= 7.1-2
BuildRequires: xorg-x11-xtrans-devel
BuildRequires: libxcb-devel
BuildRequires: libXau-devel
BuildRequires: libXdmcp-devel
@ -56,11 +54,8 @@ X.Org X11 libX11 development package
# of war with these things. It's easier to leave this here than to try and
# find it later.
#%patch0 -p0 -b .datadir-locale-dir-fix
%patch1 -p1 -b .nls-indic-locales-bug185376
%patch2 -p1 -b .dont-forward-keycode-0
%patch3 -p1 -b .3-bug201284
%patch4 -p1 -b .xim-fd-leak
%patch5 -p1 -b .cve-2007-1667
%build
%configure \
@ -224,6 +219,8 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/X11/XKeysymDB
%{_libdir}/libX11.so.6
%{_libdir}/libX11.so.6.2.0
%{_libdir}/libX11-xcb.so.1
%{_libdir}/libX11-xcb.so.1.0.0
%files devel
%defattr(-,root,root,-)
@ -234,17 +231,24 @@ rm -rf $RPM_BUILD_ROOT
%{_includedir}/X11/Xlib.h
%{_includedir}/X11/XlibConf.h
%{_includedir}/X11/Xlibint.h
%{_includedir}/X11/Xlib-xcb.h
%{_includedir}/X11/Xlocale.h
%{_includedir}/X11/Xregion.h
%{_includedir}/X11/Xresource.h
%{_includedir}/X11/Xutil.h
%{_includedir}/X11/cursorfont.h
%{_libdir}/libX11.so
%{_libdir}/libX11-xcb.so
%{_libdir}/pkgconfig/x11.pc
%{_libdir}/pkgconfig/x11-xcb.pc
#%dir %{_mandir}/man3x
%{_mandir}/man3/*.3x*
%{_mandir}/man3/*.3*
%changelog
* Mon Jul 23 2007 Adam Jackson <ajax@redhat.com> 1.1.2-1
- libX11 1.1.2.
- Enable XCB for libX11 transport.
* Sat Apr 21 2007 Matthias Clasen <mclasen@redhat.com> 1.0.3-9
- Don't install INSTALL

2
sources
View File

@ -1 +1 @@
60b787a812c92d33f71860e4e19cb59d libX11-1.0.3.tar.bz2
710bf38a9477a5a1b235bc94f1d0593c libX11-1.1.2.tar.bz2