diff options
-rw-r--r-- | hw/xquartz/GL/indirect.c | 4 | ||||
-rw-r--r-- | hw/xquartz/X11Application.m | 13 | ||||
-rw-r--r-- | hw/xquartz/X11Controller.m | 2 | ||||
-rw-r--r-- | hw/xquartz/applewm.c | 16 | ||||
-rw-r--r-- | hw/xquartz/darwinfb.h | 2 | ||||
-rw-r--r-- | hw/xquartz/mach-startup/stub.c | 4 | ||||
-rw-r--r-- | hw/xquartz/quartz.c | 3 | ||||
-rw-r--r-- | hw/xquartz/xpr/appledri.c | 10 | ||||
-rw-r--r-- | hw/xquartz/xpr/x-hook.c | 27 |
9 files changed, 56 insertions, 25 deletions
diff --git a/hw/xquartz/GL/indirect.c b/hw/xquartz/GL/indirect.c index 8dabda14d..19b7d86e7 100644 --- a/hw/xquartz/GL/indirect.c +++ b/hw/xquartz/GL/indirect.c @@ -643,10 +643,10 @@ __glFloorLog2(GLuint val) static void *opengl_framework_handle; -static glx_gpa_proc +static glx_func_ptr get_proc_address(const char *sym) { - return (glx_gpa_proc) dlsym(opengl_framework_handle, sym); + return (glx_func_ptr) dlsym(opengl_framework_handle, sym); } static void diff --git a/hw/xquartz/X11Application.m b/hw/xquartz/X11Application.m index 1f9b05dd1..2efbd658b 100644 --- a/hw/xquartz/X11Application.m +++ b/hw/xquartz/X11Application.m @@ -70,6 +70,18 @@ xpbproxy_run(void); static dispatch_queue_t eventTranslationQueue; #endif +#ifndef __has_feature +#define __has_feature(x) 0 +#endif + +#ifndef CF_RETURNS_RETAINED +#if __has_feature(attribute_cf_returns_retained) +#define CF_RETURNS_RETAINED __attribute__((cf_returns_retained)) +#else +#define CF_RETURNS_RETAINED +#endif +#endif + extern Bool noTestExtensions; extern Bool noRenderExtension; extern BOOL serverRunning; @@ -526,6 +538,7 @@ cfrelease(CFAllocatorRef a, const void *b) CFRelease(b); } +CF_RETURNS_RETAINED static CFMutableArrayRef nsarray_to_cfarray(NSArray *in) { diff --git a/hw/xquartz/X11Controller.m b/hw/xquartz/X11Controller.m index 752bda35c..5445c6f3a 100644 --- a/hw/xquartz/X11Controller.m +++ b/hw/xquartz/X11Controller.m @@ -934,7 +934,7 @@ extern char *bundle_id_prefix; == NSAlertDefaultReturn) ? NSTerminateNow : NSTerminateCancel; } -- (void) applicationWillTerminate:(NSNotification *)aNotification +- (void) applicationWillTerminate:(NSNotification *)aNotification _X_NORETURN { int remain; [X11App prefs_synchronize]; diff --git a/hw/xquartz/applewm.c b/hw/xquartz/applewm.c index 4409d4bf6..cc91c9608 100644 --- a/hw/xquartz/applewm.c +++ b/hw/xquartz/applewm.c @@ -378,6 +378,13 @@ ProcAppleWMSetWindowMenu(register ClientPtr client) items = malloc(sizeof(char *) * nitems); shortcuts = malloc(sizeof(char) * nitems); + if (!items || !shortcuts) { + free(items); + free(shortcuts); + + return BadAlloc; + } + max_len = (stuff->length << 2) - sizeof(xAppleWMSetWindowMenuReq); bytes = (char *)&stuff[1]; @@ -391,6 +398,15 @@ ProcAppleWMSetWindowMenu(register ClientPtr client) break; } } + + /* Check if we bailed out of the above loop due to a request that was too long */ + if (j < nitems) { + free(items); + free(shortcuts); + + return BadRequest; + } + X11ApplicationSetWindowMenu(nitems, items, shortcuts); free(items); free(shortcuts); diff --git a/hw/xquartz/darwinfb.h b/hw/xquartz/darwinfb.h index 5de360d75..541128b8e 100644 --- a/hw/xquartz/darwinfb.h +++ b/hw/xquartz/darwinfb.h @@ -26,7 +26,7 @@ */ #ifndef _DARWIN_FB_H -#define _DARWIN_DB_H +#define _DARWIN_FB_H #include "scrnintstr.h" diff --git a/hw/xquartz/mach-startup/stub.c b/hw/xquartz/mach-startup/stub.c index b5a3168ca..756e4ef2d 100644 --- a/hw/xquartz/mach-startup/stub.c +++ b/hw/xquartz/mach-startup/stub.c @@ -353,6 +353,10 @@ main(int argc, char **argv, char **envp) newenvp = (string_array_t)calloc((1 + envpc), sizeof(string_t)); if (!newargv || !newenvp) { + /* Silence the clang static analyzer */ + free(newargv); + free(newenvp); + asl_log(aslc, NULL, ASL_LEVEL_ERR, "Xquartz: Memory allocation failure"); return EXIT_FAILURE; diff --git a/hw/xquartz/quartz.c b/hw/xquartz/quartz.c index 5b977c7f9..bc6c8d048 100644 --- a/hw/xquartz/quartz.c +++ b/hw/xquartz/quartz.c @@ -109,11 +109,14 @@ Bool QuartzAddScreen(int index, ScreenPtr pScreen) { + // The clang static analyzer thinks we leak displayInfo here +#ifndef __clang_analyzer__ // allocate space for private per screen Quartz specific storage QuartzScreenPtr displayInfo = calloc(sizeof(QuartzScreenRec), 1); // QUARTZ_PRIV(pScreen) = displayInfo; dixSetPrivate(&pScreen->devPrivates, quartzScreenKey, displayInfo); +#endif /* __clang_analyzer__ */ // do Quartz mode specific initialization return quartzProcs->AddScreen(index, pScreen); diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c index 9aac07240..77574655b 100644 --- a/hw/xquartz/xpr/appledri.c +++ b/hw/xquartz/xpr/appledri.c @@ -123,6 +123,10 @@ ProcAppleDRIQueryDirectRenderingCapable(register ClientPtr client) rep.length = 0; rep.sequenceNumber = client->sequence; + if (stuff->screen >= screenInfo.numScreens) { + return BadValue; + } + if (!DRIQueryDirectRenderingCapable(screenInfo.screens[stuff->screen], &isCapable)) { return BadValue; @@ -402,6 +406,7 @@ SProcAppleDRIQueryDirectRenderingCapable(register ClientPtr client) { REQUEST(xAppleDRIQueryDirectRenderingCapableReq); swaps(&stuff->length); + REQUEST_SIZE_MATCH(xAppleDRIQueryDirectRenderingCapableReq); swapl(&stuff->screen); return ProcAppleDRIQueryDirectRenderingCapable(client); } @@ -411,6 +416,7 @@ SProcAppleDRIAuthConnection(register ClientPtr client) { REQUEST(xAppleDRIAuthConnectionReq); swaps(&stuff->length); + REQUEST_SIZE_MATCH(xAppleDRIAuthConnectionReq); swapl(&stuff->screen); swapl(&stuff->magic); return ProcAppleDRIAuthConnection(client); @@ -421,6 +427,7 @@ SProcAppleDRICreateSurface(register ClientPtr client) { REQUEST(xAppleDRICreateSurfaceReq); swaps(&stuff->length); + REQUEST_SIZE_MATCH(xAppleDRICreateSurfaceReq); swapl(&stuff->screen); swapl(&stuff->drawable); swapl(&stuff->client_id); @@ -432,6 +439,7 @@ SProcAppleDRIDestroySurface(register ClientPtr client) { REQUEST(xAppleDRIDestroySurfaceReq); swaps(&stuff->length); + REQUEST_SIZE_MATCH(xAppleDRIDestroySurfaceReq); swapl(&stuff->screen); swapl(&stuff->drawable); return ProcAppleDRIDestroySurface(client); @@ -442,6 +450,7 @@ SProcAppleDRICreatePixmap(register ClientPtr client) { REQUEST(xAppleDRICreatePixmapReq); swaps(&stuff->length); + REQUEST_SIZE_MATCH(xAppleDRICreatePixmapReq); swapl(&stuff->screen); swapl(&stuff->drawable); return ProcAppleDRICreatePixmap(client); @@ -452,6 +461,7 @@ SProcAppleDRIDestroyPixmap(register ClientPtr client) { REQUEST(xAppleDRIDestroyPixmapReq); swaps(&stuff->length); + REQUEST_SIZE_MATCH(xAppleDRIDestroyPixmapReq); swapl(&stuff->drawable); return ProcAppleDRIDestroyPixmap(client); } diff --git a/hw/xquartz/xpr/x-hook.c b/hw/xquartz/xpr/x-hook.c index b5d8ab90e..3922bb86c 100644 --- a/hw/xquartz/xpr/x-hook.c +++ b/hw/xquartz/xpr/x-hook.c @@ -70,34 +70,19 @@ X_PFX(hook_remove) (x_list * lst, x_hook_function * fun, void *data) { X_EXTERN void X_PFX(hook_run) (x_list * lst, void *arg) { - x_list *node, *cell; - x_hook_function **fun; - void **data; - int length, i; + x_list *node; if (!lst) return; - length = X_PFX(list_length) (lst); - fun = malloc(sizeof(x_hook_function *) * length); - data = malloc(sizeof(void *) * length); - - if (!fun || !data) { - FatalError("Failed to allocate memory in %s\n", __func__); - } + for (node = lst; node != NULL; node = node->next) { + x_list *cell = node->data; - for (i = 0, node = lst; node != NULL; node = node->next, i++) { - cell = node->data; - fun[i] = CELL_FUN(cell); - data[i] = CELL_DATA(cell); - } + x_hook_function *fun = CELL_FUN(cell); + void *data = CELL_DATA(cell); - for (i = 0; i < length; i++) { - (*fun[i])(arg, data[i]); + (*fun)(arg, data); } - - free(fun); - free(data); } X_EXTERN void |