| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Resolves warning from Oracle Parfait static analyzer:
Warning: Dangling pointer
Dangling pointer [dangling-pointer]:
Invalid pointer is accessible to caller via global addrs
at line 664 of xdm/auth.c in function 'doneAddrs'.
Invalid pointer accessible via global addrs at line 646
a accessed from addrs at line 658 in function 'doneAddrs'
a freed with free at line 662
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Oracle Parfait static analyser points out it wasn't clear if cast or
arithmetic operation in arguments at lines 410, 416, 431, & 433 was
intended to be done first, so we'll make it explicit.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
libsystemd-daemon was merged into libsystemd in 2014, for systemd-209.
Fixes: https://gitlab.freedesktop.org/xorg/app/xdm/-/issues/9
Signed-off-by: Matt Turner <mattst88@gmail.com>
|
|
Found by using:
codespell --builtin clear,rare,usage,informal,code,names
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=93359
while avoiding https://bugs.freedesktop.org/show_bug.cgi?id=107368
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
changing the printf-like format as strlen returns an unsigned type
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Adam Jackson <ajax@redhat.com>
|
|
Introduced by commit 5222d28e8d8e5b4cc
Reported by gcc 7.3:
auth.c: In function ‘SaveServerAuthorizations’:
auth.c:447:6: warning: this ‘if’ clause does not guard... [-Wmisleading-indentation]
if (auths[i]->data_length > 0)
^~
auth.c:452:3: note: ...this statement, but the latter is misleadingly indented as if it were guarded by the ‘if’
(void) fflush (auth_file);
^
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
|
This prevents a malicious user logging out from calling
chmod while still owning /dev/console and thus by-passing
the '622' mode that is set here.
Issue reported by Tim Chase. Thanks.
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
As best I can tell, it was historically under section 1 mainly because
the old X Consortium Imake configs only supported installing program
man pages there, and didn't have an option for using other sections.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Signed-off-by: Mihail Konev <k.mvc@ya.ru>
|
|
Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
fall-outs, when they contain space.
Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Syncs the invocation of configure with the one from the server.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Emil Velikov <emil.velikov@collabora.com>
|
|
From what I can see in the ancient X Consortium archives, the cpp
resource was added in X11R4 and documented but never actually used,
and removed in X11R5 without remembering to remove it from the man page.
Reported-by: John Smith <wempwer@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Nothing has set that since the modularization
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Adam Jackson <ajax@redhat.com>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
protodpy.c:52:35: warning: format specifies type 'unsigned int' but the argument has type 'struct protoDisplay *' [-Wformat]
Debug ("ProtoDisplay 0x%x\n", pdpy);
~~ ^~~~
protodpy.c:54:20: warning: incompatible pointer types passing 'XdmcpNetaddr' (aka 'char *') to parameter of type 'struct sockaddr *'
[-Wincompatible-pointer-types]
PrintSockAddr (pdpy->address, pdpy->addrlen);
^~~~~~~~~~~~~
../include/dm_socket.h:46:45: note: passing argument to parameter 'a' here
extern void PrintSockAddr (struct sockaddr *a, int len);
^
protodpy.c:55:41: warning: format specifies type 'int' but the argument has type 'unsigned long' [-Wformat]
Debug ("\tdate %d (%d from now)\n", pdpy->date, time(0) - pdpy->date);
~~ ^~~~~~~~~~
%lu
protodpy.c:55:53: warning: format specifies type 'int' but the argument has type 'unsigned long' [-Wformat]
Debug ("\tdate %d (%d from now)\n", pdpy->date, time(0) - pdpy->date);
~~ ^~~~~~~~~~~~~~~~~~~~
%lu
protodpy.c:57:32: warning: format specifies type 'int' but the argument has type 'CARD32' (aka 'unsigned long') [-Wformat]
Debug ("\tsessionID %d\n", pdpy->sessionID);
~~ ^~~~~~~~~~~~~~~
%lu
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
|
|
choose.c:463:1: warning: function 'RunChooser' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
chooser.c:1062:1: warning: function 'DoCancel' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
reset.c:81:1: warning: function 'abortReset' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
server.c:154:1: warning: function 'serverPauseAbort' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
server.c:161:1: warning: function 'serverPauseUsr1' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
server.c:236:1: warning: function 'abortOpen' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
server.c:329:1: warning: function 'PingLost' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
server.c:348:1: warning: function 'PingLostSig' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
session.c:231:1: warning: function 'catchTerm' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
session.c:293:1: warning: function 'SessionPingFailed' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
session.c:240:1: warning: function 'catchAlrm' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
session.c:249:1: warning: function 'waitAbort' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
session.c:330:1: warning: function 'ManageSession' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
session.c:471:1: warning: function 'syncTimeout' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
session.c:519:1: warning: function 'SessionExit' could be declared with attribute 'noreturn' [-Wmissing-noreturn]
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
|
|
protodpy.c:53:5: error: implicit declaration of function 'PrintSockAddr' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
PrintSockAddr (pdpy->address, pdpy->addrlen);
^
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
|
|
protodpy.c:49:1: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int]
PrintProtoDisplay (struct protoDisplay *pdpy)
^
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
|
|
netaddr.c:226:2: error: implicit declaration of function 'inet_ntop' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
inet_ntop(a->sa_family, &((struct sockaddr_in6 *) a)->sin6_addr,
^
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
It is not guaranteed that argc > 0. So make sure we don't crash
if no valid command line arguments are given.
Signed-off-by: Egbert Eich <eich@suse.de>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
A new 'inpColor' resource is added for that.
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
error.c: In function ‘LogPanic’:
error.c:93:1: warning: function might be candidate for attribute ‘noreturn’
[-Wsuggest-attribute=noreturn]
LogPanic (const char * fmt, ...)
^
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
In error cleanup path, check to see if realloc returned NULL,
if so, free the still valid input pointer; otherwise the input is
no longer valid, so ignore it and free the realloc output pointer.
Avoids potential double free if you run out of memory at the exact
right spot.
Introduced-by: commit d39dbde390f0f609c03dbd79f0bcc6a3486ca8a3
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
"Use -no-undefined to assure libtool that the library has no unresolved symbols
at link time, so that libtool will build a shared library on platforms that
require that all symbols are resolved when the library is linked."
With a recent libtool (since 2.4.5 or so), "can't build <target> shared library
unless -no-undefined is specified" is an error, rather than a warning, if
./configure'd --enable-shared.
http://tinderbox.x.org/builds/2015-02-22-0009/logs/app-xdm/#build
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
|
|
If not specified, let sessreg use its builtin defaults instead of
replicating the logic here (and possibly getting it wrong), especially
since in sessreg-1.0.8 and earlier, using the -u & -w flags forces
the use of the utmp/wtmp code and not the newer utmpx/wtmpx code.
If --without-{u,w}tmp-file or --with-{u,w}tmp-file=none is specified,
pass "none" as arguments to sessreg to disable writing to that file.
v2: better handling of --with & --without arguments when not passing path,
add documentation of the 3 choices to README
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
NetaddrPort should only return NULL if it wasn't compiled with
support for the address family in use, but checking to be sure
makes static analyzer complain less.
Error: Null pointer dereference (CWE 476)
Read from null pointer port
at line 219 of xdm/choose.c in function 'FormatChooserArgument'.
Function NetaddrPort may return constant 'NULL' at line 77,
called at line 216.
Null pointer introduced at line 77 of xdm/netaddr.c in function
'NetaddrPort'.
at line 220 of xdm/choose.c in function 'FormatChooserArgument'.
Function NetaddrPort may return constant 'NULL' at line 77,
called at line 216.
Null pointer introduced at line 77 of xdm/netaddr.c in function
'NetaddrPort'.
[ This bug was found by the Parfait 1.4.0 bug checking tool.
http://labs.oracle.com/pls/apex/f?p=labs:49:::::P49_PROJECT_ID:13 ]
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
See http://people.gnome.org/~walters/docs/build-api.txt
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
If a file has a \0 byte (binary file, strange encoding, corruption),
fgets() can return a string starting with a \0 byte - check for that
before checking to see if the byte before the \0 is a \n, so we don't
reach back before the start of our memory buffer.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Acked-by: walter harms <wharms@bfs.de>
|
|
When debugging, helps figure out which options the distro or builder
chose to enable or disable.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Acked-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
gcc-4.5.4 on NetBSD complains:
xdm/prngc.c: In function ‘get_prngd_bytes’:
xdm/prngc.c:133:2: error: passing argument 1 of ‘atomicio’ from incompatible pointer type
xdm/prngc.c:46:16: note: expected ‘ssize_t (*)(int, void *, size_t)’ but argument is of type ‘ssize_t (*)(int, const void *, size_t)’
The problem is that the read(2) and write(2) syscalls differ
in the const-ness of their second argument. The wrapper
function gets rid of the difference.
Signed-off-by: Thomas Klausner <wiz@NetBSD.org>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Fixes clang warning:
format specifies type 'int' but the argument has type 'unsigned long'
Signed-off-by: Thomas Klausner <wiz@NetBSD.org>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
|
Instead, use TBL and CW fonts in examples.
|
|
Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
(w/ NULL return) if the salt violates specifications. Additionally,
on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
passed to crypt() fail with EPERM (w/ NULL return).
If using glibc's crypt(), check return value to avoid a possible
NULL pointer dereference.
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Notes:
Fixes CVE-2013-2179
|
|
Found by parfait 1.1 bug checker:
File Descriptor Leak: Leaked File Descriptor newfd
at line 590 of xdm/auth.c in function 'openFiles'.
newfd initialized at line 573 with open
newfd leaks when newfd >= 0 at line 574.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
