diff options
| -rw-r--r-- | Xext/xace.c | 1 | ||||
| -rw-r--r-- | Xext/xacestr.h | 1 | ||||
| -rw-r--r-- | dix/dispatch.c | 32 | ||||
| -rwxr-xr-x | xfixes/cursor.c | 55 | ||||
| -rwxr-xr-x | xfixes/region.c | 34 | ||||
| -rwxr-xr-x | xfixes/saveset.c | 2 | ||||
| -rwxr-xr-x | xfixes/select.c | 9 |
7 files changed, 87 insertions, 47 deletions
diff --git a/Xext/xace.c b/Xext/xace.c index 3091ecd32..cc689864b 100644 --- a/Xext/xace.c +++ b/Xext/xace.c @@ -173,6 +173,7 @@ int XaceHook(int hook, ...) case XACE_SELECTION_ACCESS: { XaceSelectionAccessRec rec = { va_arg(ap, ClientPtr), + va_arg(ap, Atom), va_arg(ap, Selection*), va_arg(ap, Mask), Success /* default allow */ diff --git a/Xext/xacestr.h b/Xext/xacestr.h index 15d39b72e..0957f0da1 100644 --- a/Xext/xacestr.h +++ b/Xext/xacestr.h @@ -115,6 +115,7 @@ typedef struct { /* XACE_SELECTION_ACCESS */ typedef struct { ClientPtr client; + Atom name; Selection *selection; Mask access_mode; int status; diff --git a/dix/dispatch.c b/dix/dispatch.c index 1ad3c9437..7adfe02be 100644 --- a/dix/dispatch.c +++ b/dix/dispatch.c @@ -1013,10 +1013,6 @@ ProcSetSelectionOwner(ClientPtr client) { xEvent event; - rc = XaceHook(XACE_SELECTION_ACCESS, client, CurrentSelections[i], - DixSetAttrAccess); - if (rc != Success) - return rc; /* If the timestamp in client's request is in the past relative to the time stamp indicating the last time the owner of the selection was set, do not set the selection, just return @@ -1024,6 +1020,12 @@ ProcSetSelectionOwner(ClientPtr client) if (CompareTimeStamps(time, CurrentSelections[i].lastTimeChanged) == EARLIER) return Success; + + rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection, + CurrentSelections[i], DixSetAttrAccess); + if (rc != Success) + return rc; + if (CurrentSelections[i].client && (!pWin || (CurrentSelections[i].client != client))) { @@ -1054,19 +1056,17 @@ ProcSetSelectionOwner(ClientPtr client) CurrentSelections = newsels; CurrentSelections[i].selection = stuff->selection; CurrentSelections[i].devPrivates = NULL; - rc = XaceHook(XACE_SELECTION_ACCESS, CurrentSelections[i], - DixSetAttrAccess); + rc = XaceHook(XACE_SELECTION_ACCESS, stuff->selection, + CurrentSelections[i], DixSetAttrAccess); if (rc != Success) return rc; } - dixFreePrivates(CurrentSelections[i].devPrivates); CurrentSelections[i].lastTimeChanged = time; CurrentSelections[i].window = stuff->window; CurrentSelections[i].destwindow = stuff->window; CurrentSelections[i].pWin = pWin; CurrentSelections[i].client = (pWin ? client : NullClient); CurrentSelections[i].destclient = (pWin ? client : NullClient); - CurrentSelections[i].devPrivates = NULL; if (SelectionCallback) { SelectionInfoRec info; @@ -1092,7 +1092,7 @@ ProcGetSelectionOwner(ClientPtr client) REQUEST_SIZE_MATCH(xResourceReq); if (ValidAtom(stuff->id)) { - int i; + int rc, i; xGetSelectionOwnerReply reply; i = 0; @@ -1101,12 +1101,16 @@ ProcGetSelectionOwner(ClientPtr client) reply.type = X_Reply; reply.length = 0; reply.sequenceNumber = client->sequence; - if (i < NumCurrentSelections && - XaceHook(XACE_SELECTION_ACCESS, client, &CurrentSelections[i], - DixGetAttrAccess) == Success) + if (i < NumCurrentSelections) reply.owner = CurrentSelections[i].destwindow; else reply.owner = None; + + rc = XaceHook(XACE_SELECTION_ACCESS, client, stuff->id, NULL, + DixGetAttrAccess); + if (rc != Success) + return rc; + WriteReplyToClient(client, sizeof(xGetSelectionOwnerReply), &reply); return(client->noClientException); } @@ -1143,8 +1147,8 @@ ProcConvertSelection(ClientPtr client) CurrentSelections[i].selection != stuff->selection) i++; if ((i < NumCurrentSelections) && (CurrentSelections[i].window != None) && - XaceHook(XACE_SELECTION_ACCESS, client, &CurrentSelections[i], - DixReadAccess) == Success) + XaceHook(XACE_SELECTION_ACCESS, client, stuff->selection, + &CurrentSelections[i], DixReadAccess) == Success) { event.u.u.type = SelectionRequest; event.u.selectionRequest.time = stuff->time; diff --git a/xfixes/cursor.c b/xfixes/cursor.c index 975ebc36d..91f149e1a 100755 --- a/xfixes/cursor.c +++ b/xfixes/cursor.c @@ -51,6 +51,7 @@ #include "servermd.h" #include "inputstr.h" #include "windowstr.h" +#include "xace.h" static RESTYPE CursorClientType; static RESTYPE CursorHideCountType; @@ -238,7 +239,7 @@ ProcXFixesSelectCursorInput (ClientPtr client) int rc; REQUEST_SIZE_MATCH (xXFixesSelectCursorInputReq); - rc = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess); + rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess); if (rc != Success) return rc; if (stuff->eventMask & ~CursorAllEvents) @@ -343,14 +344,16 @@ ProcXFixesGetCursorImage (ClientPtr client) xXFixesGetCursorImageReply *rep; CursorPtr pCursor; CARD32 *image; - int npixels; - int width, height; - int x, y; + int npixels, width, height, rc, x, y; REQUEST_SIZE_MATCH(xXFixesGetCursorImageReq); pCursor = CursorCurrent; if (!pCursor) return BadCursor; + rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR, + DixReadAccess, pCursor); + if (rc != Success) + return rc; GetSpritePosition (&x, &y); width = pCursor->bits->width; height = pCursor->bits->height; @@ -411,7 +414,7 @@ ProcXFixesSetCursorName (ClientPtr client) Atom atom; REQUEST_AT_LEAST_SIZE(xXFixesSetCursorNameReq); - VERIFY_CURSOR(pCursor, stuff->cursor, client, DixWriteAccess); + VERIFY_CURSOR(pCursor, stuff->cursor, client, DixSetAttrAccess); tchar = (char *) &stuff[1]; atom = MakeAtom (tchar, stuff->nbytes, TRUE); if (atom == BAD_RESOURCE) @@ -444,7 +447,7 @@ ProcXFixesGetCursorName (ClientPtr client) int len; REQUEST_SIZE_MATCH(xXFixesGetCursorNameReq); - VERIFY_CURSOR(pCursor, stuff->cursor, client, DixReadAccess); + VERIFY_CURSOR(pCursor, stuff->cursor, client, DixGetAttrAccess); if (pCursor->name) str = NameForAtom (pCursor->name); else @@ -493,12 +496,16 @@ ProcXFixesGetCursorImageAndName (ClientPtr client) char *name; int nbytes, nbytesRound; int width, height; - int x, y; + int rc, x, y; REQUEST_SIZE_MATCH(xXFixesGetCursorImageAndNameReq); pCursor = CursorCurrent; if (!pCursor) return BadCursor; + rc = XaceHook(XACE_RESOURCE_ACCESS, client, pCursor->id, RT_CURSOR, + DixReadAccess|DixGetAttrAccess, pCursor); + if (rc != Success) + return rc; GetSpritePosition (&x, &y); width = pCursor->bits->width; height = pCursor->bits->height; @@ -675,8 +682,10 @@ ProcXFixesChangeCursor (ClientPtr client) REQUEST(xXFixesChangeCursorReq); REQUEST_SIZE_MATCH(xXFixesChangeCursorReq); - VERIFY_CURSOR (pSource, stuff->source, client, DixReadAccess); - VERIFY_CURSOR (pDestination, stuff->destination, client, DixWriteAccess); + VERIFY_CURSOR (pSource, stuff->source, client, + DixReadAccess|DixGetAttrAccess); + VERIFY_CURSOR (pDestination, stuff->destination, client, + DixWriteAccess|DixSetAttrAccess); ReplaceCursor (pSource, TestForCursor, (pointer) pDestination); return (client->noClientException); @@ -710,7 +719,8 @@ ProcXFixesChangeCursorByName (ClientPtr client) REQUEST(xXFixesChangeCursorByNameReq); REQUEST_FIXED_SIZE(xXFixesChangeCursorByNameReq, stuff->nbytes); - VERIFY_CURSOR(pSource, stuff->source, client, DixReadAccess); + VERIFY_CURSOR(pSource, stuff->source, client, + DixReadAccess|DixGetAttrAccess); tchar = (char *) &stuff[1]; name = MakeAtom (tchar, stuff->nbytes, FALSE); if (name) @@ -838,10 +848,11 @@ ProcXFixesHideCursor (ClientPtr client) REQUEST_SIZE_MATCH (xXFixesHideCursorReq); - pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW); - if (!pWin) { + ret = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, + client, DixGetAttrAccess); + if (ret != Success) { client->errorValue = stuff->window; - return BadWindow; + return (ret == BadValue) ? BadWindow : ret; } /* @@ -859,6 +870,11 @@ ProcXFixesHideCursor (ClientPtr client) * This is the first time this client has hid the cursor * for this screen. */ + ret = XaceHook(XACE_SCREEN_ACCESS, client, pWin->drawable.pScreen, + DixHideAccess); + if (ret != Success) + return ret; + ret = createCursorHideCount(client, pWin->drawable.pScreen); if (ret == Success) { @@ -885,14 +901,16 @@ ProcXFixesShowCursor (ClientPtr client) { WindowPtr pWin; CursorHideCountPtr pChc; + int rc; REQUEST(xXFixesShowCursorReq); REQUEST_SIZE_MATCH (xXFixesShowCursorReq); - pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW); - if (!pWin) { + rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, + client, DixGetAttrAccess); + if (rc != Success) { client->errorValue = stuff->window; - return BadWindow; + return (rc == BadValue) ? BadWindow : rc; } /* @@ -904,6 +922,11 @@ ProcXFixesShowCursor (ClientPtr client) return BadMatch; } + rc = XaceHook(XACE_SCREEN_ACCESS, client, pWin->drawable.pScreen, + DixShowAccess); + if (rc != Success) + return rc; + pChc->hideCount--; if (pChc->hideCount <= 0) { FreeResource(pChc->resource, 0); diff --git a/xfixes/region.c b/xfixes/region.c index d4316be78..d90b1e0ff 100755 --- a/xfixes/region.c +++ b/xfixes/region.c @@ -109,18 +109,18 @@ ProcXFixesCreateRegionFromBitmap (ClientPtr client) { RegionPtr pRegion; PixmapPtr pPixmap; + int rc; REQUEST (xXFixesCreateRegionFromBitmapReq); REQUEST_SIZE_MATCH (xXFixesCreateRegionFromBitmapReq); LEGAL_NEW_RESOURCE (stuff->region, client); - pPixmap = (PixmapPtr) SecurityLookupIDByType (client, stuff->bitmap, - RT_PIXMAP, - DixReadAccess); - if (!pPixmap) + rc = dixLookupResource((pointer *)&pPixmap, stuff->bitmap, RT_PIXMAP, + client, DixReadAccess); + if (rc != Success) { client->errorValue = stuff->bitmap; - return BadPixmap; + return (rc == BadValue) ? BadPixmap : rc; } if (pPixmap->drawable.depth != 1) return BadMatch; @@ -155,15 +155,17 @@ ProcXFixesCreateRegionFromWindow (ClientPtr client) RegionPtr pRegion; Bool copy = TRUE; WindowPtr pWin; + int rc; REQUEST (xXFixesCreateRegionFromWindowReq); REQUEST_SIZE_MATCH (xXFixesCreateRegionFromWindowReq); LEGAL_NEW_RESOURCE (stuff->region, client); - pWin = (WindowPtr) LookupIDByType (stuff->window, RT_WINDOW); - if (!pWin) + rc = dixLookupResource((pointer *)&pWin, stuff->window, RT_WINDOW, + client, DixGetAttrAccess); + if (rc != Success) { client->errorValue = stuff->window; - return BadWindow; + return (rc == BadValue) ? BadWindow : rc; } switch (stuff->kind) { case WindowRegionBounding: @@ -224,7 +226,7 @@ ProcXFixesCreateRegionFromGC (ClientPtr client) REQUEST_SIZE_MATCH (xXFixesCreateRegionFromGCReq); LEGAL_NEW_RESOURCE (stuff->region, client); - rc = dixLookupGC(&pGC, stuff->gc, client, DixReadAccess); + rc = dixLookupGC(&pGC, stuff->gc, client, DixGetAttrAccess); if (rc != Success) return rc; @@ -274,7 +276,7 @@ ProcXFixesCreateRegionFromPicture (ClientPtr client) REQUEST_SIZE_MATCH (xXFixesCreateRegionFromPictureReq); LEGAL_NEW_RESOURCE (stuff->region, client); - VERIFY_PICTURE(pPicture, stuff->picture, client, DixReadAccess, + VERIFY_PICTURE(pPicture, stuff->picture, client, DixGetAttrAccess, RenderErrBase + BadPicture); switch (pPicture->clientClipType) { @@ -635,7 +637,7 @@ ProcXFixesSetGCClipRegion (ClientPtr client) REQUEST(xXFixesSetGCClipRegionReq); REQUEST_SIZE_MATCH(xXFixesSetGCClipRegionReq); - rc = dixLookupGC(&pGC, stuff->gc, client, DixWriteAccess); + rc = dixLookupGC(&pGC, stuff->gc, client, DixSetAttrAccess); if (rc != Success) return rc; @@ -681,14 +683,16 @@ ProcXFixesSetWindowShapeRegion (ClientPtr client) ScreenPtr pScreen; RegionPtr pRegion; RegionPtr *pDestRegion; + int rc; REQUEST(xXFixesSetWindowShapeRegionReq); REQUEST_SIZE_MATCH(xXFixesSetWindowShapeRegionReq); - pWin = (WindowPtr) LookupIDByType (stuff->dest, RT_WINDOW); - if (!pWin) + rc = dixLookupResource((pointer *)&pWin, stuff->dest, RT_WINDOW, + client, DixSetAttrAccess); + if (rc != Success) { client->errorValue = stuff->dest; - return BadWindow; + return (rc == BadValue) ? BadWindow : rc; } VERIFY_REGION_OR_NONE(pRegion, stuff->region, client, DixWriteAccess); pScreen = pWin->drawable.pScreen; @@ -780,7 +784,7 @@ ProcXFixesSetPictureClipRegion (ClientPtr client) REQUEST(xXFixesSetPictureClipRegionReq); REQUEST_SIZE_MATCH (xXFixesSetPictureClipRegionReq); - VERIFY_PICTURE(pPicture, stuff->picture, client, DixWriteAccess, + VERIFY_PICTURE(pPicture, stuff->picture, client, DixSetAttrAccess, RenderErrBase + BadPicture); pScreen = pPicture->pDrawable->pScreen; ps = GetPictureScreen (pScreen); diff --git a/xfixes/saveset.c b/xfixes/saveset.c index 8d66843d9..e6e297638 100755 --- a/xfixes/saveset.c +++ b/xfixes/saveset.c @@ -35,7 +35,7 @@ ProcXFixesChangeSaveSet(ClientPtr client) REQUEST(xXFixesChangeSaveSetReq); REQUEST_SIZE_MATCH(xXFixesChangeSaveSetReq); - result = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess); + result = dixLookupWindow(&pWin, stuff->window, client, DixManageAccess); if (result != Success) return result; if (client->clientAsMask == (CLIENT_BITS(pWin->drawable.id))) diff --git a/xfixes/select.c b/xfixes/select.c index c0076801d..9de152f29 100755 --- a/xfixes/select.c +++ b/xfixes/select.c @@ -25,6 +25,7 @@ #endif #include "xfixesint.h" +#include "xace.h" static RESTYPE SelectionClientType, SelectionWindowType; static Bool SelectionCallbackRegistered = FALSE; @@ -131,8 +132,14 @@ XFixesSelectSelectionInput (ClientPtr pClient, WindowPtr pWindow, CARD32 eventMask) { + int rc; SelectionEventPtr *prev, e; + rc = XaceHook(XACE_SELECTION_ACCESS, pClient, selection, NULL, + DixGetAttrAccess); + if (rc != Success) + return rc; + for (prev = &selectionEvents; (e = *prev); prev = &e->next) { if (e->selection == selection && @@ -196,7 +203,7 @@ ProcXFixesSelectSelectionInput (ClientPtr client) int rc; REQUEST_SIZE_MATCH (xXFixesSelectSelectionInputReq); - rc = dixLookupWindow(&pWin, stuff->window, client, DixReadAccess); + rc = dixLookupWindow(&pWin, stuff->window, client, DixSetAttrAccess); if (rc != Success) return rc; if (stuff->eventMask & ~SelectionAllEvents) |