diff options
| author |   Donnie Berkholz <dberkholz@gentoo.org> | 2008-05-08 08:20:43 +0000 |
|---|---|---|
| committer | Donnie Berkholz <dberkholz@gentoo.org> | 2008-05-08 08:20:43 +0000 |
| commit | e4cdda845f528a4ea80a24fbee1e3ec80ad33b63 (patch) | |
| tree | f30fba8ea19aea4a89332488676a94db55981626 /x11-base | |
| parent | Add an unkeyworded new revision with tons of fixes from upstream's 1.4 branch... (diff) | |
| download | historical-e4cdda845f528a4ea80a24fbee1e3ec80ad33b63.tar.gz historical-e4cdda845f528a4ea80a24fbee1e3ec80ad33b63.tar.bz2 historical-e4cdda845f528a4ea80a24fbee1e3ec80ad33b63.zip | |
Add an unkeyworded new revision with tons of fixes from upstream's 1.4 branch. More patches may be coming soon, and rekeywording is pending on that. I expect this to be a candidate for stable.
Package-Manager: portage-2.1.5_rc7
Diffstat (limited to 'x11-base')
44 files changed, 2467 insertions, 4 deletions
diff --git a/x11-base/xorg-server/Manifest b/x11-base/xorg-server/Manifest index 0304432545dd..d25c7ec9b25b 100644 --- a/x11-base/xorg-server/Manifest +++ b/x11-base/xorg-server/Manifest @@ -35,6 +35,49 @@ AUX 1.4-fix-xprint-link.patch 588 RMD160 4a5ec1cd69047a94917c0bf29f1f557ec05059c AUX 1.4-fpic-libxf86config.patch 374 RMD160 614d69f83b7f4d4999efa906f2059b7f287e22c1 SHA1 1f113823c03f69e79b10965908945df629b73474 SHA256 017e7ba2954dcc2281f8626977d47fd8bd037f05e680e51b8e4ae7316455a237 AUX 1.4-ia64.patch 1872 RMD160 6bc82c87140ee81150c34df486b5b4d9620dde9c SHA1 b43aadafd7ce144790cf9eccf8a9840baf3205bd SHA256 950714ce230791ce9d54e21044961d9435e4eb774f82e5047f9adcd5fd4661ec AUX 1.4.0.90-clean-generated-files.patch 595 RMD160 e4044e8c1f1b92db38a7e53b77109ff80fb4d22a SHA1 9eaf182c435946596462106547e9d52f819cb397 SHA256 8a57ddae701218b425bbe59c2d387c81d65af2d29c67ea9f8550c8201841f9a7 +AUX 1.4.0.90/0001-Bug-13308-Verify-and-reject-obviously-broken-modes.patch 1066 RMD160 7a7d2f10eba4e2f20ecf793a54faa22dabdde573 SHA1 e00b0e764771bddaf2541b6b8c2d0da4999733ca SHA256 aafce7a98dcfea631c44504ab5bff78e7010ca9899bfb8749d5190b3cb171d86 +AUX 1.4.0.90/0002-bgPixel-unsigned-long-is-64-bit-on-x86_64-so-1.patch 1115 RMD160 4fa84411171f2e6f965bd7a1911f603fdd4dbbf9 SHA1 60f5914ec97dec52e72a29cdfb36558f81ecda15 SHA256 55824948145bf996a43868dd93cdcd5df043e3ac3a672cdc5cf52abe06005eba +AUX 1.4.0.90/0003-Xprint-Clean-up-generated-files.patch 719 RMD160 4bc21f3eac1c2ea737fbc5c46a4e6628795c6bcc SHA1 3803df8e78f91e0b069a87f2b1b8ab22da85b46e SHA256 f1afa2d771072bdb04e47228ef0067ed180f19e8967277e7aa0deab69104372c +AUX 1.4.0.90/0004-Config-D-Bus-Don-t-leak-timers.patch 1353 RMD160 c745c7d25659d5d2a1694d4cd10e3e4af4385b33 SHA1 c3cb5a8f94c969825e6e4af83b082bc3fa754055 SHA256 22a3764f72cd888de7756965cdd7650c4bae1d34791604c7a073bbc2218668eb +AUX 1.4.0.90/0005-Config-HAL-Don-t-leak-options-on-failure-to-add-de.patch 1919 RMD160 7d0f9d86e7eb5fe732203a7af52b9033e890ccad SHA1 bce54d3f452ea020e05ff012c279c6cc5d49cab9 SHA256 a46cafdfa293dc16b35a9977f449a84cc8deb347a1aabcb305546d9e3efc8711 +AUX 1.4.0.90/0006-OS-Don-t-leak-connection-translation-table-on-regen.patch 830 RMD160 fdd8a862086307bdfc3379ca24b94a6eb49b145c SHA1 41a08647dd535a45b0adb81401c8b8358b43cf7c SHA256 74b4171174d67ea019e961d562aff504704c815136d8bfff79ecbd166a017bcf +AUX 1.4.0.90/0007-KDrive-Xephyr-Don-t-leak-screen-damage-structure.patch 872 RMD160 eaec47dfad778585659a4d6ba90dc67e94cb63a4 SHA1 be85ab848e1ad57076bf4852d2e7c8b88ed29c3c SHA256 bb950597d42649e799bca994c0a7958bdc28a64ac8e81e537e4ac10e2e5c7a0c +AUX 1.4.0.90/0008-Input-Don-t-reinit-devices.patch 921 RMD160 4b7f1a8e27c65dee361aa75fc6738d823f0383b1 SHA1 8493c75328f58a882cc919541d4e0ecebed31852 SHA256 338b148789a84087f5208e2eda5925aa5e80e86c75e902640d0141e6034b619c +AUX 1.4.0.90/0009-include-never-overwrite-realInputProc-with-enqueueI.patch 1489 RMD160 f17760b034b1e71dfe4a2e950d8624b973141ae8 SHA1 6467bfee92765e15355c3b7a4e7f45e86c265ba9 SHA256 d010e9bd9f5ecd47ca2de1995a390502dcfdbc9d73ac434e9e04229b7ba96365 +AUX 1.4.0.90/0010-OS-IO-Zero-out-client-buffers.patch 861 RMD160 0f6ac780a880dfab70159fbd770b7fbaf070e8f8 SHA1 36faf03d4133ae742479987ac90758aeedfa2193 SHA256 e220b704b72db42ea62c5a1b2fcf644137c4fd19dcb61f4b74d4b987222ff1a3 +AUX 1.4.0.90/0011-XKB-XkbCopyKeymap-Don-t-leak-all-the-sections.patch 941 RMD160 49d4dca11b70ae89ff21800fe85df7f82be34170 SHA1 20a243ba686462b857a022f2052988be9706593b SHA256 ac4fad50d2baf4988d53567d6a9ca59cd19aa9a5435ee4ad4a3b69a6c4028f9c +AUX 1.4.0.90/0012-Xephyr-One-time-keyboard-leak-fix.patch 912 RMD160 75a735c8763090de987371cb13e76b2b12453d14 SHA1 62ca71d5f158f76edcab37e954b3b16798b82e61 SHA256 ea73a5ec0b0d75c88b852dbba533d0be66634f2df883ece2f938f250d47a4ec8 +AUX 1.4.0.90/0013-Fix-for-CVE-2007-5760-XFree86-Misc-extension-out-o.patch 980 RMD160 5088fb0cb840b9f6e77187a76bd2d48e397b9eba SHA1 8318fb14dee695e11771a3d83a669c63497f4c41 SHA256 22f66fb059e03e64d869d43aff6292271b830c64fd79d0d2a190f141f0da588d +AUX 1.4.0.90/0014-Fix-for-CVE-2007-6428-TOG-cup-extension-memory-cor.patch 747 RMD160 3fc0e01aa2cf0f1f22691caff9001b35afb937ab SHA1 26b9473115e4e891364f0ef2d4f2702aa7654edf SHA256 31023b19e4731027b7f141da58a0b73e668f6479283d8d6a32b18c94dde5987e +AUX 1.4.0.90/0015-Fix-for-CVE-2007-6427-Xinput-extension-memory-corr.patch 7342 RMD160 eca6339c9c94d3dba77a38ab5b18ba284db647ff SHA1 a018b5f3d83924c16c97a3f33ebf4c6244959210 SHA256 771f6f0b8d7db8df4a7a020684bd1f4bf67967e00fe18b8b178b0d396983380a +AUX 1.4.0.90/0016-Fix-for-CVE-2007-6429-MIT-SHM-and-EVI-extensions-i.patch 6830 RMD160 4a5d691c978ad37440474710ed24c65a406ae77d SHA1 f5a8be495d0dcc97b2de9f63b92012e5b253982c SHA256 2b70079c797d3dee6ba7778f7abe86c9f2ffdef1e37cdbb02b5ca2ff49e82d5a +AUX 1.4.0.90/0017-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch 912 RMD160 cbce0d132c50cca78c49e19452e191ef68814816 SHA1 d44cf3bb2d43a932599b013c0acb8dc7a9b67ff9 SHA256 9f7a61d4c27cf3212e0403f3815a0ee1aa9c9834d536b26637960e777deda65e +AUX 1.4.0.90/0018-Fix-for-CVE-2007-5958-File-existence-disclosure.patch 870 RMD160 5a1590a2c0ff8fa05f42bc521c6ff4eab835ed1c SHA1 168f778221d4946d23916ee90b8b23cef2e384a1 SHA256 c0cbaf1b750b7b34cdc6ac759927bde2c10fb9358c6f792b6762a690755a3d2f +AUX 1.4.0.90/0019-CVE-2007-6429-Don-t-spuriously-reject-8bpp-shm-pix.patch 2663 RMD160 df43d1007c2d7929cc905578ce16e9190f86e5f9 SHA1 e441902688afceb3a69743f983d0cf8757583e5d SHA256 5879807da70afa579ca3cb4950e05ea4753e5c04393ebdf67bf3aea472246b42 +AUX 1.4.0.90/0020-dix-set-the-correct-number-of-valuators-in-valuator.patch 1141 RMD160 46d0bbc11476b5387dc6f40dc6ed364b91ed85e9 SHA1 6ec2db7ab5875001d697072603f7bbb0dd5b0918 SHA256 c1bcd5408be9ec752a0e9fbefc446cfba66e175a68fec7bbb4784b2afd84e690 +AUX 1.4.0.90/0021-xkb-don-t-update-LEDs-if-they-don-t-exist.-Bug-13.patch 1018 RMD160 74973f08908b1886771918c0d09d74bc18973291 SHA1 33bcdf1f34438b82f2f49f1230c454d44db806f7 SHA256 f01010eb2ebb0004ca5021d7d82e4ca9a7ca97fc601575c75458186113c89e59 +AUX 1.4.0.90/0022-security-Fix-for-Bug-14480-untrusted-access-broke.patch 778 RMD160 583086061e91f8bcabc65e8ca532ca17f3b33f62 SHA1 057838b8e32b1372e7fe5e9cacd3db26a3170e63 SHA256 16239f6f3eede01a10fc188664d5ec65bfc7abe2323c6a69eb3ce15b8e463c94 +AUX 1.4.0.90/0023-Resize-composite-overlay-window-when-the-root-window.patch 2001 RMD160 564a712f423ed253f3cb81cf095501a2058db25a SHA1 a58feb741cbb822a9662348ea8955db84309a669 SHA256 f6a012697d9c82b70f79f15e40dcd15eda1ea3712837ea489924a2f174fc9fff +AUX 1.4.0.90/0024-Fix-rotation-for-multi-monitor-situation.patch 1160 RMD160 5f73d797e973e5bf7725d4e1676e0cc382c40658 SHA1 d8addba81bae9a2150c162b896619bd42ca4397d SHA256 c8b90041b3b2d30cfe203690064a5d377613b4518e3baffd8657d275c58b98e4 +AUX 1.4.0.90/0025-Don-t-break-grab-and-focus-state-for-a-window-when-r.patch 1353 RMD160 45f37da1ee642fc182d9977a59bf7b45403b8467 SHA1 c10b77bed7f2f016cb2d43a097a431461915af8d SHA256 215cd3641d36511a1184cffd248e580e8411caaf865c53b37ab5b1e32d1291c9 +AUX 1.4.0.90/0026-CVE-2007-6429-Always-test-for-size-offset-wrapping.patch 1332 RMD160 63011b66b47f30a4426559bb68aafac152b7c037 SHA1 219ca0a2bb455192c1944b7b18d4963cef499545 SHA256 e3e23bfd39b0d16fb31bef0ef3218e8548de43eee2b011e0a5d9b409d7d15b02 +AUX 1.4.0.90/0027-Fix-context-sharing-between-direct-indirect-contexts.patch 1019 RMD160 1939ba0bf9ede3b4f4742a987d89e3f3d85d0edf SHA1 d6125ad5ee945417fdf4c7adc1e9624d00e425a7 SHA256 caf657582c25de122ddebc930ebea9c0535a162192ac1338fcb6721485ef1627 +AUX 1.4.0.90/0028-Add-some-more-support-for-DragonFly.-From-Joerg-Sonn.patch 2993 RMD160 e843dd1b627bc669337b4de0fd2202c861897f8c SHA1 69e312c2687cfe2278ad57ab438808ba79ef9f37 SHA256 f7d2a501e60cf0f9eab3866a14852df8d4bfa57c12236506b5866fb77a7e733f +AUX 1.4.0.90/0029-configure.ac-DragonFly-BSD-support.patch 1570 RMD160 10234d211dc79ac71bcef7606700db66d6f2dc5b SHA1 54b7ebe23e4efb9276b9413d2dde9c9d4edc7dcd SHA256 918d5a558afa80ad0c179652d23e6ef36f7316c5444ca3836540081ec4518d25 +AUX 1.4.0.90/0030-Fixed-configure.ac-for-autoconf-2.62.patch 780 RMD160 3c59fbd4af8344349bdd7c6c2b06a017a41946fe SHA1 2878663b1794200bae152631b63e3b26ffd9e94f SHA256 857e61a19a0acfb4e4ed4dca8943e72c2d0859b33c4968f5a48393e0ceea8423 +AUX 1.4.0.90/0031-EXA-Fix-off-by-one-in-polyline-drawing.patch 862 RMD160 ee5b9ed8ed0ac4499704a008c6e79254a6e508e7 SHA1 4bdad4e4a8100e18ae511292b34ca4bdf9bd45c9 SHA256 a00c0ebb2a523a5ecbe79b78af040df95ea25fb93c313507137add7530e35439 +AUX 1.4.0.90/0032-XKB-Fix-processInputProc-wrapping.patch 3158 RMD160 7aecd1b497f126ae520c2dff358ea7db762d9e37 SHA1 91ab28e5f463c22142112d3c0f03c205fe39be11 SHA256 9cc487dba264d9c170e8deae56ab42860fb40f9503b13b5b5b07ff84a0956fe7 +AUX 1.4.0.90/0033-xfree86-fix-AlwaysCore-handling.-Bug-14256.patch 1119 RMD160 9afa1abfa053ce22cf9106536b32367b963e2f15 SHA1 e8af7f18d14373e1b64f42a0af6cf51c9ac15a58 SHA256 6fca5d008038282ac4ea05ae80b68709be5902a5e6cfbb604636e3d454400173 +AUX 1.4.0.90/0034-Ignore-not-just-block-SIGALRM-around-Popen-Pcl.patch 1718 RMD160 81c0003858710177ddd879b67c301a1442996a98 SHA1 031231c784f39940281a2cf68387c09c821fa487 SHA256 4c7d930aa63f4e91e069552246097e6e3318718e740b8fa23bc8159e566d8bb9 +AUX 1.4.0.90/0035-Fix-build-on-FreeBSD-after-Popen-changes.patch 643 RMD160 22b1f3f586856c511ed6a4504c19623a22b53a81 SHA1 511eb3b79ce670a7246080989e778713e384de5c SHA256 943bedf7d50aa2edfdc863956c6d8aa421a8bcc117ee27553a9aa399b36493d2 +AUX 1.4.0.90/0036-So-like-checking-return-codes-of-system-calls-sig.patch 2084 RMD160 d88362f0aded245643a0983191b577a43a798326 SHA1 c46f7a38e1cdcc2ac8fca295dea84282ba2ba2a8 SHA256 b01b028be25c1732cf89c8d26dd563d44430d93b4d0ef5ec5cf64c31904581a3 +AUX 1.4.0.90/0037-Check-for-sys-sdt.h-as-well-when-determining-to-en.patch 1364 RMD160 efdb7e51394df787de77b19fcf2a671e5745c55b SHA1 56a4de5277f41692470eb7f5232abf370915e088 SHA256 01d007f64c4bf8ae70c62cd4fa0fa1b3d598f8776368edbd5e03be4ce680d84b +AUX 1.4.0.90/0038-dix-Always-add-valuator-information-if-present.patch 1953 RMD160 3323165b1e1bac4975125c4484a3b189a9895c44 SHA1 17bb9013d53dcd062c3945af96c7876e2d05c9d0 SHA256 e4d5fad4931d37eedbb1056bc2cc3a45593b850a071851be4ef56ef39a9c3c2b +AUX 1.4.0.90/0039-Bug-10324-dix-Allow-arbitrary-value-ranges-in-Ge.patch 1350 RMD160 7abec3b4353b95022c5a76cc38493866d2d44381 SHA1 0842a62ed2d0bed558dea0a3df696cc041d4d6e7 SHA256 20a2dc688886de6ac6516c9c15a493fb847460b4c67adf1a247cf104d23c90f6 +AUX 1.4.0.90/0040-Bug-10324-dix-Add-scaling-of-X-and-Y-on-the-repo.patch 7279 RMD160 4d3fe2057ccf82b001a3736b3bccbb956f9f3704 SHA1 1930d8d19b2afbd157349199a327548139b3d857 SHA256 3426664369211568b91fb0204b44327600d727efac7467fe7f0021ed64f7b5d9 +AUX 1.4.0.90/0041-dix-Skip-call-to-clipAxis-for-relative-core-events.patch 3670 RMD160 465cffebdcde7dc52022ae7133ff335347fd7605 SHA1 c311b2e4b5874718698671f56f89a269a9ebbaf7 SHA256 640f5b876364047fce4754615c159f7f9f527afb3deab5246b86853defb639ec +AUX 1.4.0.90/0042-dix-Move-motion-history-update-until-after-screen-c.patch 2022 RMD160 d192c17c794335a6397dba46b61afaed60c47152 SHA1 8bd14bc6f88268657d010dbb82572cb8af13ea7e SHA256 4eb5b8066908d1d7b9b359a915bd3e08b6a5cf438459d100ebf5241029dc6408 +AUX 1.4.0.90/0043-XKB-Actually-explain-keymap-failures.patch 4163 RMD160 f9747730ee551ec64dd386aab41d4f560b313407 SHA1 29c45125eea26dc0a2163f19e0180e47fb886494 SHA256 bc9ca4b91b89a18db0fba597a0673f5b747a9fd79b1e046c769fca50239acea1 AUX avoid-crash-on-minimized-xv-window.patch 1970 RMD160 a41e37359a05b4dc4c796e569b3f00e9dcb210d4 SHA1 54447e96f4f10e2993e0e675091f6026e63b56b6 SHA256 6e1cbe4f588674d70d3564962a79b4b7d271162040f9a2390f29f03cfeac87bd AUX use-composite-for-unequal-depths.patch 3528 RMD160 be7b5b07e8c890d596c5e2c49152f7df833487ea SHA1 1ade1846c1549c5a7eb3775d86973eb87bdb48ff SHA256 b38c079aaac0d8168cd4b45d2c1b8020338918c96855989dce89324c800622c0 AUX xorg-server-1.4.0.90-automake-1.10.1-fixup.patch 357 RMD160 06d03313a419fcad6b3668888e32dad28defb3a4 SHA1 3bdd2a6faa808445b2b365b420a9ce5882501035 SHA256 afb9593b3cedfdc9c768436df64b4878504804e93984672a58d96660b2b87afc @@ -48,12 +91,13 @@ DIST xorg-server-1.4.0.90.tar.bz2 6315011 RMD160 181b3c682710265df3c6ed30e164be9 EBUILD xorg-server-1.3.0.0-r4.ebuild 17872 RMD160 caf61a35a2486a3248dab00dc2a928dd2e11e015 SHA1 2552f8fc12bc8b446e65b912dbd86f7cf4019ec5 SHA256 fcf3d38047d812e887769b17ffe7c94035fc6376bc6b307b04190851bb3ed19c EBUILD xorg-server-1.3.0.0-r5.ebuild 18114 RMD160 e6fffcc39506db21aafee5e70b8bb043026d5290 SHA1 3e716d92bc096757eb29c3e1e7ae9365a1925f07 SHA256 bb90fb9650d061d42625d99aefefe4de9e032c0b8e517be7c19a5b9ea15a742d EBUILD xorg-server-1.4.0.90-r3.ebuild 19018 RMD160 1079fe20b0de68e0677071ac70e878f7096bc385 SHA1 47cd9165b2da82a910e87ed14ee0da30fbd20ebe SHA256 7e21429ca3c6bfe57fddeb3c5d7d57d3e5a50108a5c1c4bb6b987014bc08923e -MISC ChangeLog 70149 RMD160 7338e7aeebc3c67c5ece0d06b3cf678a55bd2024 SHA1 bf9227b46545dc4f9ad83bef95dc4cac483e12bc SHA256 ef8822669d767d601a05ff2440119f7954875b6ae2210d477a23034bd9a84e25 +EBUILD xorg-server-1.4.0.90-r4.ebuild 18261 RMD160 b4a517b86a0c7fd391a1b5727abcc1f50164058c SHA1 3f42930920c1b5afa8b4c4e75f881bf402fcfe31 SHA256 8563be846f91086ff956e0f82fa9ffe7e1b3065028ab886cb4f08550d808443f +MISC ChangeLog 73809 RMD160 829919b01b938c44de56c292a4863fcf2cf1b5b6 SHA1 30f4bdac8b250da957eb90c3165ff9427e89408d SHA256 567f3574d6df135f7abc5fb1d86838e7b6f91ffe43dd0bbb67d7b11766ea309a MISC metadata.xml 156 RMD160 c1274bdccf57603d580de0075ba07a35b7509560 SHA1 6f78f604e3d079d39189b40aaaa1ddb06182ad91 SHA256 5101ab0d4cc8c7125eea733c44e86962769bd77acaf53b69223b9cadcdd29055 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) -iEYEARECAAYFAkghInEACgkQXVaO67S1rtu8egCeMezAyUwfwcZC19yIBdGyXjG/ -ku8AoOPAwDkFaKDo5Nxt1XkDDCTon64c -=tNxx +iEYEARECAAYFAkgit9YACgkQXVaO67S1rtvkQQCffpdqcFCqXroNLyk6I9OYivqr +RugAoNbDEnPDMzD5DAzkVlNWDgMlbiVz +=JB3/ -----END PGP SIGNATURE----- diff --git a/x11-base/xorg-server/files/1.4.0.90/0001-Bug-13308-Verify-and-reject-obviously-broken-modes.patch b/x11-base/xorg-server/files/1.4.0.90/0001-Bug-13308-Verify-and-reject-obviously-broken-modes.patch new file mode 100644 index 000000000000..5a7c1aad6058 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0001-Bug-13308-Verify-and-reject-obviously-broken-modes.patch @@ -0,0 +1,30 @@ +From f4bcb53e86bb103b6bcf8a3a170a36137c34d272 Mon Sep 17 00:00:00 2001 +From: Hong Liu <hong.liu@intel.com> +Date: Wed, 5 Dec 2007 17:48:28 +0100 +Subject: [PATCH] Bug 13308: Verify and reject obviously broken modes. + (cherry picked from commit c6cfcd408df3e44d0094946c0a7d2fa944b4d2d1) + +--- + hw/xfree86/modes/xf86EdidModes.c | 6 ++++++ + 1 files changed, 6 insertions(+), 0 deletions(-) + +diff --git a/hw/xfree86/modes/xf86EdidModes.c b/hw/xfree86/modes/xf86EdidModes.c +index 8b5e69d..e2ae665 100644 +--- a/hw/xfree86/modes/xf86EdidModes.c ++++ b/hw/xfree86/modes/xf86EdidModes.c +@@ -239,6 +239,12 @@ DDCModeFromDetailedTiming(int scrnIndex, struct detailed_timings *timing, + Mode->VSyncEnd = Mode->VSyncStart + timing->v_sync_width; + Mode->VTotal = timing->v_active + timing->v_blanking; + ++ /* perform basic check on the detail timing */ ++ if (Mode->HSyncEnd > Mode->HTotal || Mode->VSyncEnd > Mode->VTotal) { ++ xfree(Mode); ++ return NULL; ++ } ++ + xf86SetModeDefaultName(Mode); + + /* We ignore h/v_size and h/v_border for now. */ +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0002-bgPixel-unsigned-long-is-64-bit-on-x86_64-so-1.patch b/x11-base/xorg-server/files/1.4.0.90/0002-bgPixel-unsigned-long-is-64-bit-on-x86_64-so-1.patch new file mode 100644 index 000000000000..9ec86c51e4b0 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0002-bgPixel-unsigned-long-is-64-bit-on-x86_64-so-1.patch @@ -0,0 +1,34 @@ +From 41f735fbe02f59bc7bcca335c6e743c72c2fc44c Mon Sep 17 00:00:00 2001 +From: Hong Liu <hong.liu@intel.com> +Date: Tue, 4 Sep 2007 08:46:46 +0100 +Subject: [PATCH] bgPixel (unsigned long) is 64-bit on x86_64, so -1 != 0xffffffff + +This patch should fix bug 8080. +(cherry picked from commit 9adea807038b64292403ede982075fe1dcfd4c9a) +--- + hw/xfree86/xaa/xaaGC.c | 9 +++++---- + 1 files changed, 5 insertions(+), 4 deletions(-) + +diff --git a/hw/xfree86/xaa/xaaGC.c b/hw/xfree86/xaa/xaaGC.c +index f3434c9..b3dc83a 100644 +--- a/hw/xfree86/xaa/xaaGC.c ++++ b/hw/xfree86/xaa/xaaGC.c +@@ -80,10 +80,11 @@ XAAValidateGC( + } + + if(pGC->depth != 32) { +- if(pGC->bgPixel == -1) /* -1 is reserved for transparency */ +- pGC->bgPixel = 0x7fffffff; +- if(pGC->fgPixel == -1) /* -1 is reserved for transparency */ +- pGC->fgPixel = 0x7fffffff; ++ /* 0xffffffff is reserved for transparency */ ++ if(pGC->bgPixel == 0xffffffff) ++ pGC->bgPixel = 0x7fffffff; ++ if(pGC->fgPixel == 0xffffffff) ++ pGC->fgPixel = 0x7fffffff; + } + + if((pDraw->type == DRAWABLE_PIXMAP) && !IS_OFFSCREEN_PIXMAP(pDraw)){ +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0003-Xprint-Clean-up-generated-files.patch b/x11-base/xorg-server/files/1.4.0.90/0003-Xprint-Clean-up-generated-files.patch new file mode 100644 index 000000000000..79d927ea6e0c --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0003-Xprint-Clean-up-generated-files.patch @@ -0,0 +1,24 @@ +From d988da6eee8422774dff364050bf431b843a714a Mon Sep 17 00:00:00 2001 +From: Arkadiusz Miskiewicz <arekm@maven.pl> +Date: Thu, 13 Dec 2007 00:09:08 +0200 +Subject: [PATCH] Xprint: Clean up generated files + +Remember to clean generated wrapper files. +(cherry picked from commit 977fcdea8198906936a64b8117e6a6d027c617e3) +--- + hw/xprint/Makefile.am | 2 ++ + 1 files changed, 2 insertions(+), 0 deletions(-) + +diff --git a/hw/xprint/Makefile.am b/hw/xprint/Makefile.am +index dc8764a..f834966 100644 +--- a/hw/xprint/Makefile.am ++++ b/hw/xprint/Makefile.am +@@ -41,3 +41,5 @@ Xprt_SOURCES = \ + $(top_srcdir)/fb/fbcmap_mi.c + + EXTRA_DIST = ValTree.c ++ ++CLEANFILES = miinitext-wrapper.c dpmsstubs-wrapper.c +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0004-Config-D-Bus-Don-t-leak-timers.patch b/x11-base/xorg-server/files/1.4.0.90/0004-Config-D-Bus-Don-t-leak-timers.patch new file mode 100644 index 000000000000..badf8a4bab30 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0004-Config-D-Bus-Don-t-leak-timers.patch @@ -0,0 +1,44 @@ +From 81c5950d0af8d5859f850b98c98a532784e9a757 Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Fri, 28 Dec 2007 15:47:21 +0200 +Subject: [PATCH] Config: D-Bus: Don't leak timers + +TimerCancel doesn't free the timer: you need TimerFree for that. +(cherry picked from commit 25deaa7e6b29b3913b35efa39b9c8b25de5e6d95) +--- + config/dbus-core.c | 5 ++++- + 1 files changed, 4 insertions(+), 1 deletions(-) + +diff --git a/config/dbus-core.c b/config/dbus-core.c +index eab72a5..9cf1530 100644 +--- a/config/dbus-core.c ++++ b/config/dbus-core.c +@@ -76,7 +76,7 @@ teardown(void) + struct config_dbus_core_hook *hook; + + if (bus_info.timer) { +- TimerCancel(bus_info.timer); ++ TimerFree(bus_info.timer); + bus_info.timer = NULL; + } + +@@ -116,6 +116,8 @@ message_filter(DBusConnection *connection, DBusMessage *message, void *data) + bus_info.connection = NULL; + teardown(); + ++ if (bus_info.timer) ++ TimerFree(bus_info.timer); + bus_info.timer = TimerSet(NULL, 0, 1, reconnect_timer, NULL); + + return DBUS_HANDLER_RESULT_HANDLED; +@@ -186,6 +188,7 @@ static CARD32 + reconnect_timer(OsTimerPtr timer, CARD32 time, pointer arg) + { + if (connect_to_bus()) { ++ TimerFree(bus_info.timer); + bus_info.timer = NULL; + return 0; + } +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0005-Config-HAL-Don-t-leak-options-on-failure-to-add-de.patch b/x11-base/xorg-server/files/1.4.0.90/0005-Config-HAL-Don-t-leak-options-on-failure-to-add-de.patch new file mode 100644 index 000000000000..bd49b58cbbf6 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0005-Config-HAL-Don-t-leak-options-on-failure-to-add-de.patch @@ -0,0 +1,57 @@ +From 30fc8053a5e734c3b70156bdae94fd7d5d7865a5 Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Fri, 28 Dec 2007 15:47:57 +0200 +Subject: [PATCH] Config: HAL: Don't leak options on failure to add device + +This showed up in Xephyr in particular, which denies new device requests. +(cherry picked from commit 2bb199056edf6c63cf978d1a8ad49a57ce1938f3) +--- + config/hal.c | 11 ++++++++++- + 1 files changed, 10 insertions(+), 1 deletions(-) + +diff --git a/config/hal.c b/config/hal.c +index 4427deb..16f16ec 100644 +--- a/config/hal.c ++++ b/config/hal.c +@@ -92,6 +92,8 @@ add_option(InputOption **options, const char *key, const char *value) + for (; *options; options = &(*options)->next) + ; + *options = xcalloc(sizeof(**options), 1); ++ if (!*options) /* Yeesh. */ ++ return; + (*options)->key = xstrdup(key); + (*options)->value = xstrdup(value); + (*options)->next = NULL; +@@ -156,7 +158,7 @@ device_added(LibHalContext *hal_ctx, const char *udi) + char *path = NULL, *driver = NULL, *name = NULL, *xkb_rules = NULL; + char *xkb_model = NULL, *xkb_layout = NULL, *xkb_variant = NULL; + char *xkb_options = NULL, *config_info = NULL; +- InputOption *options = NULL; ++ InputOption *options = NULL, *tmpo = NULL; + DeviceIntPtr dev; + DBusError error; + int type = TYPE_NONE; +@@ -232,6 +234,7 @@ device_added(LibHalContext *hal_ctx, const char *udi) + + if (NewInputDeviceRequest(options, &dev) != Success) { + DebugF("[config/hal] NewInputDeviceRequest failed\n"); ++ dev = NULL; + goto unwind; + } + +@@ -255,6 +258,12 @@ unwind: + xfree(xkb_options); + if (config_info) + xfree(config_info); ++ while (!dev && (tmpo = options)) { ++ options = tmpo->next; ++ xfree(tmpo->key); ++ xfree(tmpo->value); ++ xfree(tmpo); ++ } + + out_error: + dbus_error_free(&error); +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0006-OS-Don-t-leak-connection-translation-table-on-regen.patch b/x11-base/xorg-server/files/1.4.0.90/0006-OS-Don-t-leak-connection-translation-table-on-regen.patch new file mode 100644 index 000000000000..d688b5bea13f --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0006-OS-Don-t-leak-connection-translation-table-on-regen.patch @@ -0,0 +1,27 @@ +From 38d8cfaaff0ae6273d9e921aae08b2706355f0d2 Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Fri, 28 Dec 2007 15:48:25 +0200 +Subject: [PATCH] OS: Don't leak connection translation table on regeneration + (cherry picked from commit e868e0bc0d2318e62707d3ae68532b0029959154) + +--- + os/connection.c | 3 ++- + 1 files changed, 2 insertions(+), 1 deletions(-) + +diff --git a/os/connection.c b/os/connection.c +index b944593..d1ba845 100644 +--- a/os/connection.c ++++ b/os/connection.c +@@ -353,7 +353,8 @@ InitConnectionLimits(void) + #endif + + #if !defined(WIN32) +- ConnectionTranslation = (int *)xnfalloc(sizeof(int)*(lastfdesc + 1)); ++ if (!ConnectionTranslation) ++ ConnectionTranslation = (int *)xnfalloc(sizeof(int)*(lastfdesc + 1)); + #else + InitConnectionTranslation(); + #endif +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0007-KDrive-Xephyr-Don-t-leak-screen-damage-structure.patch b/x11-base/xorg-server/files/1.4.0.90/0007-KDrive-Xephyr-Don-t-leak-screen-damage-structure.patch new file mode 100644 index 000000000000..73b0fdb7302b --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0007-KDrive-Xephyr-Don-t-leak-screen-damage-structure.patch @@ -0,0 +1,25 @@ +From a304fc1d4a7062f65161ef8748fd358639ec73de Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Fri, 28 Dec 2007 15:48:57 +0200 +Subject: [PATCH] KDrive: Xephyr: Don't leak screen damage structure + (cherry picked from commit 0b03d97a244540824c922c300adbc3d3ae4855d5) + +--- + hw/kdrive/ephyr/ephyr.c | 1 + + 1 files changed, 1 insertions(+), 0 deletions(-) + +diff --git a/hw/kdrive/ephyr/ephyr.c b/hw/kdrive/ephyr/ephyr.c +index e8001df..27165a5 100644 +--- a/hw/kdrive/ephyr/ephyr.c ++++ b/hw/kdrive/ephyr/ephyr.c +@@ -394,6 +394,7 @@ ephyrUnsetInternalDamage (ScreenPtr pScreen) + + pPixmap = (*pScreen->GetScreenPixmap) (pScreen); + DamageUnregister (&pPixmap->drawable, scrpriv->pDamage); ++ DamageDestroy (scrpriv->pDamage); + + RemoveBlockAndWakeupHandlers (ephyrInternalDamageBlockHandler, + ephyrInternalDamageWakeupHandler, +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0008-Input-Don-t-reinit-devices.patch b/x11-base/xorg-server/files/1.4.0.90/0008-Input-Don-t-reinit-devices.patch new file mode 100644 index 000000000000..1ecac07ccb57 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0008-Input-Don-t-reinit-devices.patch @@ -0,0 +1,29 @@ +From 102c012c206cbb3bbf0fa5b0c8f0ce2ce9bba72a Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Fri, 28 Dec 2007 15:49:50 +0200 +Subject: [PATCH] Input: Don't reinit devices + +If a device is already initialised (i.e. the virtual core devices) during +IASD, don't init them again. This fixes a leak. +(cherry picked from commit 1f6015c8fe62c28cfaa82cc855b5b9c28fd34607) +--- + dix/devices.c | 3 ++- + 1 files changed, 2 insertions(+), 1 deletions(-) + +diff --git a/dix/devices.c b/dix/devices.c +index 287d730..f6f3c8e 100644 +--- a/dix/devices.c ++++ b/dix/devices.c +@@ -473,7 +473,8 @@ InitAndStartDevices(void) + + for (dev = inputInfo.off_devices; dev; dev = dev->next) { + DebugF("(dix) initialising device %d\n", dev->id); +- ActivateDevice(dev); ++ if (!dev->inited) ++ ActivateDevice(dev); + } + for (dev = inputInfo.off_devices; dev; dev = next) + { +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0009-include-never-overwrite-realInputProc-with-enqueueI.patch b/x11-base/xorg-server/files/1.4.0.90/0009-include-never-overwrite-realInputProc-with-enqueueI.patch new file mode 100644 index 000000000000..aa9019b64f2e --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0009-include-never-overwrite-realInputProc-with-enqueueI.patch @@ -0,0 +1,37 @@ +From 60144ac814ee26e151186f7c93cb1a273468d497 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter@cs.unisa.edu.au> +Date: Wed, 19 Dec 2007 16:20:36 +1030 +Subject: [PATCH] include: never overwrite realInputProc with enqueueInputProc. Bug #13511 + +In some cases (triggered by a key repeat during a sync grab) XKB unwrapping +can overwrite the device's realInputProc with the enqueueInputProc. When the +grab is released and the events are replayed, we end up in an infinite loop. +Each event is replayed and in replaying pushed to the end of the queue again. + +This fix is a hack only. It ensures that the realInputProc is never +overwritten with the enqueueInputProc. + +This fixes Bug #13511 (https://bugs.freedesktop.org/show_bug.cgi?id=13511) +(cherry picked from commit eace88989c3b65d5c20e9f37ea9b23c7c8e19335) +(cherry picked from commit 50e80c39870adfdc84fdbc00dddf1362117ad443) +--- + include/xkbsrv.h | 3 ++- + 1 files changed, 2 insertions(+), 1 deletions(-) + +diff --git a/include/xkbsrv.h b/include/xkbsrv.h +index 167dbec..9174eb6 100644 +--- a/include/xkbsrv.h ++++ b/include/xkbsrv.h +@@ -258,7 +258,8 @@ typedef struct + device->public.processInputProc = proc; \ + oldprocs->processInputProc = \ + oldprocs->realInputProc = device->public.realInputProc; \ +- device->public.realInputProc = proc; \ ++ if (proc != device->public.enqueueInputProc) \ ++ device->public.realInputProc = proc; \ + oldprocs->unwrapProc = device->unwrapProc; \ + device->unwrapProc = unwrapproc; + +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0010-OS-IO-Zero-out-client-buffers.patch b/x11-base/xorg-server/files/1.4.0.90/0010-OS-IO-Zero-out-client-buffers.patch new file mode 100644 index 000000000000..2102d4bef552 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0010-OS-IO-Zero-out-client-buffers.patch @@ -0,0 +1,28 @@ +From 02e805f0ff4b6af551372ba5fc5fb369c8834d1d Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Sat, 5 Jan 2008 10:38:16 +0200 +Subject: [PATCH] OS: IO: Zero out client buffers + +For alignment reasons, we can write out uninitialised bytes, so allocate +the whole thing with xcalloc. +(cherry picked from commit b99a43dfe97c1813e1c61f298b1c83c5d5ca88a2) +--- + os/io.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/os/io.c b/os/io.c +index 9de75ee..a8b84fb 100644 +--- a/os/io.c ++++ b/os/io.c +@@ -1197,7 +1197,7 @@ AllocateOutputBuffer(void) + oco = (ConnectionOutputPtr)xalloc(sizeof(ConnectionOutput)); + if (!oco) + return (ConnectionOutputPtr)NULL; +- oco->buf = (unsigned char *) xalloc(BUFSIZE); ++ oco->buf = (unsigned char *) xcalloc(1, BUFSIZE); + if (!oco->buf) + { + xfree(oco); +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0011-XKB-XkbCopyKeymap-Don-t-leak-all-the-sections.patch b/x11-base/xorg-server/files/1.4.0.90/0011-XKB-XkbCopyKeymap-Don-t-leak-all-the-sections.patch new file mode 100644 index 000000000000..9aa87c8a9985 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0011-XKB-XkbCopyKeymap-Don-t-leak-all-the-sections.patch @@ -0,0 +1,27 @@ +From 8a3acd3ec41b887b4aeaa0b2932265522c1e2836 Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Sat, 5 Jan 2008 10:43:53 +0200 +Subject: [PATCH] XKB: XkbCopyKeymap: Don't leak all the sections + +Previously, we'd just keep num_sections at 0, which would break the +geometry and lead us to leak sections. Don't do that. +(cherry picked from commit 0137b0394a248f694448a7d97c9a1a3efcf24e81) +--- + xkb/xkbUtils.c | 1 + + 1 files changed, 1 insertions(+), 0 deletions(-) + +diff --git a/xkb/xkbUtils.c b/xkb/xkbUtils.c +index c7f9a26..e90df0d 100644 +--- a/xkb/xkbUtils.c ++++ b/xkb/xkbUtils.c +@@ -1770,6 +1770,7 @@ XkbCopyKeymap(XkbDescPtr src, XkbDescPtr dst, Bool sendNotifies) + if (!tmp) + return FALSE; + dst->geom->sections = tmp; ++ dst->geom->num_sections = src->geom->num_sections; + + for (i = 0, + ssection = src->geom->sections, +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0012-Xephyr-One-time-keyboard-leak-fix.patch b/x11-base/xorg-server/files/1.4.0.90/0012-Xephyr-One-time-keyboard-leak-fix.patch new file mode 100644 index 000000000000..a26dce5bf835 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0012-Xephyr-One-time-keyboard-leak-fix.patch @@ -0,0 +1,26 @@ +From 636aa9e7be2822a0148067a11499ad48fe682cd9 Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Sat, 5 Jan 2008 10:47:39 +0200 +Subject: [PATCH] Xephyr: One-time keyboard leak fix + +Don't leak the originally-allocated keysym map. +(cherry picked from commit e85130c85f727466fc27be1cfa46c88b257499fb) +--- + hw/kdrive/ephyr/ephyr.c | 1 + + 1 files changed, 1 insertions(+), 0 deletions(-) + +diff --git a/hw/kdrive/ephyr/ephyr.c b/hw/kdrive/ephyr/ephyr.c +index 27165a5..86e8f1f 100644 +--- a/hw/kdrive/ephyr/ephyr.c ++++ b/hw/kdrive/ephyr/ephyr.c +@@ -915,6 +915,7 @@ EphyrKeyboardInit (KdKeyboardInfo *ki) + ki->minScanCode = ki->keySyms.minKeyCode; + ki->maxScanCode = ki->keySyms.maxKeyCode; + ki->keySyms.mapWidth = ephyrKeySyms.mapWidth; ++ xfree(ki->keySyms.map); + ki->keySyms.map = ephyrKeySyms.map; + ki->name = KdSaveString("Xephyr virtual keyboard"); + ephyrKbd = ki; +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0013-Fix-for-CVE-2007-5760-XFree86-Misc-extension-out-o.patch b/x11-base/xorg-server/files/1.4.0.90/0013-Fix-for-CVE-2007-5760-XFree86-Misc-extension-out-o.patch new file mode 100644 index 000000000000..e63fc49b8378 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0013-Fix-for-CVE-2007-5760-XFree86-Misc-extension-out-o.patch @@ -0,0 +1,27 @@ +From 59a3b83922c810316a374a19484b24901c7437ae Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb <matthieu@bluenote.herrb.com> +Date: Thu, 17 Jan 2008 15:26:41 +0100 +Subject: [PATCH] Fix for CVE-2007-5760 - XFree86 Misc extension out of bounds array index + +--- + hw/xfree86/common/xf86MiscExt.c | 4 ++++ + 1 files changed, 4 insertions(+), 0 deletions(-) + +diff --git a/hw/xfree86/common/xf86MiscExt.c b/hw/xfree86/common/xf86MiscExt.c +index c1b9c60..40c196a 100644 +--- a/hw/xfree86/common/xf86MiscExt.c ++++ b/hw/xfree86/common/xf86MiscExt.c +@@ -548,6 +548,10 @@ MiscExtPassMessage(int scrnIndex, const char *msgtype, const char *msgval, + { + ScrnInfoPtr pScr = xf86Screens[scrnIndex]; + ++ /* should check this in the protocol, but xf86NumScreens isn't exported */ ++ if (scrnIndex >= xf86NumScreens) ++ return BadValue; ++ + if (*pScr->HandleMessage == NULL) + return BadImplementation; + return (*pScr->HandleMessage)(scrnIndex, msgtype, msgval, retstr); +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0014-Fix-for-CVE-2007-6428-TOG-cup-extension-memory-cor.patch b/x11-base/xorg-server/files/1.4.0.90/0014-Fix-for-CVE-2007-6428-TOG-cup-extension-memory-cor.patch new file mode 100644 index 000000000000..c5d0a946ea4f --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0014-Fix-for-CVE-2007-6428-TOG-cup-extension-memory-cor.patch @@ -0,0 +1,26 @@ +From 4848d49d05a318559afe7a17a19ba055947ee1f5 Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb <matthieu@bluenote.herrb.com> +Date: Thu, 17 Jan 2008 15:28:03 +0100 +Subject: [PATCH] Fix for CVE-2007-6428 - TOG-cup extension memory corruption. + +--- + Xext/cup.c | 3 +++ + 1 files changed, 3 insertions(+), 0 deletions(-) + +diff --git a/Xext/cup.c b/Xext/cup.c +index 6bfa278..781b9ce 100644 +--- a/Xext/cup.c ++++ b/Xext/cup.c +@@ -196,6 +196,9 @@ int ProcGetReservedColormapEntries( + + REQUEST_SIZE_MATCH (xXcupGetReservedColormapEntriesReq); + ++ if (stuff->screen >= screenInfo.numScreens) ++ return BadValue; ++ + #ifndef HAVE_SPECIAL_DESKTOP_COLORS + citems[CUP_BLACK_PIXEL].pixel = + screenInfo.screens[stuff->screen]->blackPixel; +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0015-Fix-for-CVE-2007-6427-Xinput-extension-memory-corr.patch b/x11-base/xorg-server/files/1.4.0.90/0015-Fix-for-CVE-2007-6427-Xinput-extension-memory-corr.patch new file mode 100644 index 000000000000..b69a980f7f76 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0015-Fix-for-CVE-2007-6427-Xinput-extension-memory-corr.patch @@ -0,0 +1,262 @@ +From d244c8272e0ac47c41a9416e37293903b842a78b Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb <matthieu@bluenote.herrb.com> +Date: Thu, 17 Jan 2008 15:27:34 +0100 +Subject: [PATCH] Fix for CVE-2007-6427 - Xinput extension memory corruption. + +--- + Xi/chgfctl.c | 7 +------ + Xi/chgkmap.c | 13 ++++++------- + Xi/chgprop.c | 10 +++------- + Xi/grabdev.c | 12 +++++------- + Xi/grabdevb.c | 10 +++------- + Xi/grabdevk.c | 9 ++------- + Xi/selectev.c | 11 ++++------- + Xi/sendexev.c | 14 ++++++++------ + 8 files changed, 32 insertions(+), 54 deletions(-) + +diff --git a/Xi/chgfctl.c b/Xi/chgfctl.c +index 2e0e13c..235d659 100644 +--- a/Xi/chgfctl.c ++++ b/Xi/chgfctl.c +@@ -327,18 +327,13 @@ ChangeStringFeedback(ClientPtr client, DeviceIntPtr dev, + xStringFeedbackCtl * f) + { + char n; +- long *p; + int i, j; + KeySym *syms, *sup_syms; + + syms = (KeySym *) (f + 1); + if (client->swapped) { + swaps(&f->length, n); /* swapped num_keysyms in calling proc */ +- p = (long *)(syms); +- for (i = 0; i < f->num_keysyms; i++) { +- swapl(p, n); +- p++; +- } ++ SwapLongs((CARD32 *) syms, f->num_keysyms); + } + + if (f->num_keysyms > s->ctrl.max_symbols) { +diff --git a/Xi/chgkmap.c b/Xi/chgkmap.c +index eac520f..f8f85bc 100644 +--- a/Xi/chgkmap.c ++++ b/Xi/chgkmap.c +@@ -79,18 +79,14 @@ int + SProcXChangeDeviceKeyMapping(ClientPtr client) + { + char n; +- long *p; +- int i, count; ++ unsigned int count; + + REQUEST(xChangeDeviceKeyMappingReq); + swaps(&stuff->length, n); + REQUEST_AT_LEAST_SIZE(xChangeDeviceKeyMappingReq); +- p = (long *)&stuff[1]; + count = stuff->keyCodes * stuff->keySymsPerKeyCode; +- for (i = 0; i < count; i++) { +- swapl(p, n); +- p++; +- } ++ REQUEST_FIXED_SIZE(xChangeDeviceKeyMappingReq, count * sizeof(CARD32)); ++ SwapLongs((CARD32 *) (&stuff[1]), count); + return (ProcXChangeDeviceKeyMapping(client)); + } + +@@ -106,10 +102,13 @@ ProcXChangeDeviceKeyMapping(ClientPtr client) + int ret; + unsigned len; + DeviceIntPtr dev; ++ unsigned int count; + + REQUEST(xChangeDeviceKeyMappingReq); + REQUEST_AT_LEAST_SIZE(xChangeDeviceKeyMappingReq); + ++ count = stuff->keyCodes * stuff->keySymsPerKeyCode; ++ REQUEST_FIXED_SIZE(xChangeDeviceKeyMappingReq, count * sizeof(CARD32)); + dev = LookupDeviceIntRec(stuff->deviceid); + if (dev == NULL) { + SendErrorToClient(client, IReqCode, X_ChangeDeviceKeyMapping, 0, +diff --git a/Xi/chgprop.c b/Xi/chgprop.c +index 59a93c6..21bda5b 100644 +--- a/Xi/chgprop.c ++++ b/Xi/chgprop.c +@@ -81,19 +81,15 @@ int + SProcXChangeDeviceDontPropagateList(ClientPtr client) + { + char n; +- long *p; +- int i; + + REQUEST(xChangeDeviceDontPropagateListReq); + swaps(&stuff->length, n); + REQUEST_AT_LEAST_SIZE(xChangeDeviceDontPropagateListReq); + swapl(&stuff->window, n); + swaps(&stuff->count, n); +- p = (long *)&stuff[1]; +- for (i = 0; i < stuff->count; i++) { +- swapl(p, n); +- p++; +- } ++ REQUEST_FIXED_SIZE(xChangeDeviceDontPropagateListReq, ++ stuff->count * sizeof(CARD32)); ++ SwapLongs((CARD32 *) (&stuff[1]), stuff->count); + return (ProcXChangeDeviceDontPropagateList(client)); + } + +diff --git a/Xi/grabdev.c b/Xi/grabdev.c +index e2809ef..d0b4ae7 100644 +--- a/Xi/grabdev.c ++++ b/Xi/grabdev.c +@@ -82,8 +82,6 @@ int + SProcXGrabDevice(ClientPtr client) + { + char n; +- long *p; +- int i; + + REQUEST(xGrabDeviceReq); + swaps(&stuff->length, n); +@@ -91,11 +89,11 @@ SProcXGrabDevice(ClientPtr client) + swapl(&stuff->grabWindow, n); + swapl(&stuff->time, n); + swaps(&stuff->event_count, n); +- p = (long *)&stuff[1]; +- for (i = 0; i < stuff->event_count; i++) { +- swapl(p, n); +- p++; +- } ++ ++ if (stuff->length != (sizeof(xGrabDeviceReq) >> 2) + stuff->event_count) ++ return BadLength; ++ ++ SwapLongs((CARD32 *) (&stuff[1]), stuff->event_count); + + return (ProcXGrabDevice(client)); + } +diff --git a/Xi/grabdevb.c b/Xi/grabdevb.c +index df62d0c..18db1f7 100644 +--- a/Xi/grabdevb.c ++++ b/Xi/grabdevb.c +@@ -80,8 +80,6 @@ int + SProcXGrabDeviceButton(ClientPtr client) + { + char n; +- long *p; +- int i; + + REQUEST(xGrabDeviceButtonReq); + swaps(&stuff->length, n); +@@ -89,11 +87,9 @@ SProcXGrabDeviceButton(ClientPtr client) + swapl(&stuff->grabWindow, n); + swaps(&stuff->modifiers, n); + swaps(&stuff->event_count, n); +- p = (long *)&stuff[1]; +- for (i = 0; i < stuff->event_count; i++) { +- swapl(p, n); +- p++; +- } ++ REQUEST_FIXED_SIZE(xGrabDeviceButtonReq, ++ stuff->event_count * sizeof(CARD32)); ++ SwapLongs((CARD32 *) (&stuff[1]), stuff->event_count); + + return (ProcXGrabDeviceButton(client)); + } +diff --git a/Xi/grabdevk.c b/Xi/grabdevk.c +index b74592f..429b2f7 100644 +--- a/Xi/grabdevk.c ++++ b/Xi/grabdevk.c +@@ -80,8 +80,6 @@ int + SProcXGrabDeviceKey(ClientPtr client) + { + char n; +- long *p; +- int i; + + REQUEST(xGrabDeviceKeyReq); + swaps(&stuff->length, n); +@@ -89,11 +87,8 @@ SProcXGrabDeviceKey(ClientPtr client) + swapl(&stuff->grabWindow, n); + swaps(&stuff->modifiers, n); + swaps(&stuff->event_count, n); +- p = (long *)&stuff[1]; +- for (i = 0; i < stuff->event_count; i++) { +- swapl(p, n); +- p++; +- } ++ REQUEST_FIXED_SIZE(xGrabDeviceKeyReq, stuff->event_count * sizeof(CARD32)); ++ SwapLongs((CARD32 *) (&stuff[1]), stuff->event_count); + return (ProcXGrabDeviceKey(client)); + } + +diff --git a/Xi/selectev.c b/Xi/selectev.c +index d52db1b..19415c5 100644 +--- a/Xi/selectev.c ++++ b/Xi/selectev.c +@@ -131,19 +131,16 @@ int + SProcXSelectExtensionEvent(ClientPtr client) + { + char n; +- long *p; +- int i; + + REQUEST(xSelectExtensionEventReq); + swaps(&stuff->length, n); + REQUEST_AT_LEAST_SIZE(xSelectExtensionEventReq); + swapl(&stuff->window, n); + swaps(&stuff->count, n); +- p = (long *)&stuff[1]; +- for (i = 0; i < stuff->count; i++) { +- swapl(p, n); +- p++; +- } ++ REQUEST_FIXED_SIZE(xSelectExtensionEventReq, ++ stuff->count * sizeof(CARD32)); ++ SwapLongs((CARD32 *) (&stuff[1]), stuff->count); ++ + return (ProcXSelectExtensionEvent(client)); + } + +diff --git a/Xi/sendexev.c b/Xi/sendexev.c +index eac9abe..9803cf3 100644 +--- a/Xi/sendexev.c ++++ b/Xi/sendexev.c +@@ -83,7 +83,7 @@ int + SProcXSendExtensionEvent(ClientPtr client) + { + char n; +- long *p; ++ CARD32 *p; + int i; + xEvent eventT; + xEvent *eventP; +@@ -94,6 +94,11 @@ SProcXSendExtensionEvent(ClientPtr client) + REQUEST_AT_LEAST_SIZE(xSendExtensionEventReq); + swapl(&stuff->destination, n); + swaps(&stuff->count, n); ++ ++ if (stuff->length != (sizeof(xSendExtensionEventReq) >> 2) + stuff->count + ++ (stuff->num_events * (sizeof(xEvent) >> 2))) ++ return BadLength; ++ + eventP = (xEvent *) & stuff[1]; + for (i = 0; i < stuff->num_events; i++, eventP++) { + proc = EventSwapVector[eventP->u.u.type & 0177]; +@@ -103,11 +108,8 @@ SProcXSendExtensionEvent(ClientPtr client) + *eventP = eventT; + } + +- p = (long *)(((xEvent *) & stuff[1]) + stuff->num_events); +- for (i = 0; i < stuff->count; i++) { +- swapl(p, n); +- p++; +- } ++ p = (CARD32 *)(((xEvent *) & stuff[1]) + stuff->num_events); ++ SwapLongs(p, stuff->count); + return (ProcXSendExtensionEvent(client)); + } + +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0016-Fix-for-CVE-2007-6429-MIT-SHM-and-EVI-extensions-i.patch b/x11-base/xorg-server/files/1.4.0.90/0016-Fix-for-CVE-2007-6429-MIT-SHM-and-EVI-extensions-i.patch new file mode 100644 index 000000000000..48448dd550ba --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0016-Fix-for-CVE-2007-6429-MIT-SHM-and-EVI-extensions-i.patch @@ -0,0 +1,210 @@ +From 8b14f7b74284900b95a319ec80c4333e63af2296 Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb <matthieu@bluenote.herrb.com> +Date: Thu, 17 Jan 2008 15:28:42 +0100 +Subject: [PATCH] Fix for CVE-2007-6429 - MIT-SHM and EVI extensions integer overflows. + +--- + Xext/EVI.c | 15 ++++++++++++++- + Xext/sampleEVI.c | 29 ++++++++++++++++++++++++----- + Xext/shm.c | 46 ++++++++++++++++++++++++++++++++++++++-------- + 3 files changed, 76 insertions(+), 14 deletions(-) + +diff --git a/Xext/EVI.c b/Xext/EVI.c +index 8fe3481..13bd32a 100644 +--- a/Xext/EVI.c ++++ b/Xext/EVI.c +@@ -34,6 +34,7 @@ THE USE OR PERFORMANCE OF THIS SOFTWARE. + #include <X11/extensions/XEVIstr.h> + #include "EVIstruct.h" + #include "modinit.h" ++#include "scrnintstr.h" + + #if 0 + static unsigned char XEVIReqCode = 0; +@@ -87,10 +88,22 @@ ProcEVIGetVisualInfo(ClientPtr client) + { + REQUEST(xEVIGetVisualInfoReq); + xEVIGetVisualInfoReply rep; +- int n, n_conflict, n_info, sz_info, sz_conflict; ++ int i, n, n_conflict, n_info, sz_info, sz_conflict; + VisualID32 *conflict; ++ unsigned int total_visuals = 0; + xExtendedVisualInfo *eviInfo; + int status; ++ ++ /* ++ * do this first, otherwise REQUEST_FIXED_SIZE can overflow. we assume ++ * here that you don't have more than 2^32 visuals over all your screens; ++ * this seems like a safe assumption. ++ */ ++ for (i = 0; i < screenInfo.numScreens; i++) ++ total_visuals += screenInfo.screens[i]->numVisuals; ++ if (stuff->n_visual > total_visuals) ++ return BadValue; ++ + REQUEST_FIXED_SIZE(xEVIGetVisualInfoReq, stuff->n_visual * sz_VisualID32); + status = eviPriv->getVisualInfo((VisualID32 *)&stuff[1], (int)stuff->n_visual, + &eviInfo, &n_info, &conflict, &n_conflict); +diff --git a/Xext/sampleEVI.c b/Xext/sampleEVI.c +index 7508aa7..b871bfd 100644 +--- a/Xext/sampleEVI.c ++++ b/Xext/sampleEVI.c +@@ -34,6 +34,13 @@ THE USE OR PERFORMANCE OF THIS SOFTWARE. + #include <X11/extensions/XEVIstr.h> + #include "EVIstruct.h" + #include "scrnintstr.h" ++ ++#if HAVE_STDINT_H ++#include <stdint.h> ++#elif !defined(UINT32_MAX) ++#define UINT32_MAX 0xffffffffU ++#endif ++ + static int sampleGetVisualInfo( + VisualID32 *visual, + int n_visual, +@@ -42,24 +49,36 @@ static int sampleGetVisualInfo( + VisualID32 **conflict_rn, + int *n_conflict_rn) + { +- int max_sz_evi = n_visual * sz_xExtendedVisualInfo * screenInfo.numScreens; ++ unsigned int max_sz_evi; + VisualID32 *temp_conflict; + xExtendedVisualInfo *evi; +- int max_visuals = 0, max_sz_conflict, sz_conflict = 0; ++ unsigned int max_visuals = 0, max_sz_conflict, sz_conflict = 0; + register int visualI, scrI, sz_evi = 0, conflictI, n_conflict; +- *evi_rn = evi = (xExtendedVisualInfo *)xalloc(max_sz_evi); +- if (!*evi_rn) +- return BadAlloc; ++ ++ if (n_visual > UINT32_MAX/(sz_xExtendedVisualInfo * screenInfo.numScreens)) ++ return BadAlloc; ++ max_sz_evi = n_visual * sz_xExtendedVisualInfo * screenInfo.numScreens; ++ + for (scrI = 0; scrI < screenInfo.numScreens; scrI++) { + if (screenInfo.screens[scrI]->numVisuals > max_visuals) + max_visuals = screenInfo.screens[scrI]->numVisuals; + } ++ ++ if (n_visual > UINT32_MAX/(sz_VisualID32 * screenInfo.numScreens ++ * max_visuals)) ++ return BadAlloc; + max_sz_conflict = n_visual * sz_VisualID32 * screenInfo.numScreens * max_visuals; ++ ++ *evi_rn = evi = (xExtendedVisualInfo *)xalloc(max_sz_evi); ++ if (!*evi_rn) ++ return BadAlloc; ++ + temp_conflict = (VisualID32 *)xalloc(max_sz_conflict); + if (!temp_conflict) { + xfree(*evi_rn); + return BadAlloc; + } ++ + for (scrI = 0; scrI < screenInfo.numScreens; scrI++) { + for (visualI = 0; visualI < n_visual; visualI++) { + evi[sz_evi].core_visual_id = visual[visualI]; +diff --git a/Xext/shm.c b/Xext/shm.c +index ac587be..5633be9 100644 +--- a/Xext/shm.c ++++ b/Xext/shm.c +@@ -711,6 +711,8 @@ ProcPanoramiXShmCreatePixmap( + int i, j, result, rc; + ShmDescPtr shmdesc; + REQUEST(xShmCreatePixmapReq); ++ unsigned int width, height, depth; ++ unsigned long size; + PanoramiXRes *newPix; + + REQUEST_SIZE_MATCH(xShmCreatePixmapReq); +@@ -724,11 +726,26 @@ ProcPanoramiXShmCreatePixmap( + return rc; + + VERIFY_SHMPTR(stuff->shmseg, stuff->offset, TRUE, shmdesc, client); +- if (!stuff->width || !stuff->height) ++ ++ width = stuff->width; ++ height = stuff->height; ++ depth = stuff->depth; ++ if (!width || !height || !depth) + { + client->errorValue = 0; + return BadValue; + } ++ if (width > 32767 || height > 32767) ++ return BadAlloc; ++ size = PixmapBytePad(width, depth) * height; ++ if (sizeof(size) == 4) { ++ if (size < width * height) ++ return BadAlloc; ++ /* thankfully, offset is unsigned */ ++ if (stuff->offset + size < size) ++ return BadAlloc; ++ } ++ + if (stuff->depth != 1) + { + pDepth = pDraw->pScreen->allowedDepths; +@@ -739,9 +756,7 @@ ProcPanoramiXShmCreatePixmap( + return BadValue; + } + CreatePmap: +- VERIFY_SHMSIZE(shmdesc, stuff->offset, +- PixmapBytePad(stuff->width, stuff->depth) * stuff->height, +- client); ++ VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client); + + if(!(newPix = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes)))) + return BadAlloc; +@@ -1040,6 +1055,8 @@ ProcShmCreatePixmap(client) + register int i, rc; + ShmDescPtr shmdesc; + REQUEST(xShmCreatePixmapReq); ++ unsigned int width, height, depth; ++ unsigned long size; + + REQUEST_SIZE_MATCH(xShmCreatePixmapReq); + client->errorValue = stuff->pid; +@@ -1052,11 +1069,26 @@ ProcShmCreatePixmap(client) + return rc; + + VERIFY_SHMPTR(stuff->shmseg, stuff->offset, TRUE, shmdesc, client); +- if (!stuff->width || !stuff->height) ++ ++ width = stuff->width; ++ height = stuff->height; ++ depth = stuff->depth; ++ if (!width || !height || !depth) + { + client->errorValue = 0; + return BadValue; + } ++ if (width > 32767 || height > 32767) ++ return BadAlloc; ++ size = PixmapBytePad(width, depth) * height; ++ if (sizeof(size) == 4) { ++ if (size < width * height) ++ return BadAlloc; ++ /* thankfully, offset is unsigned */ ++ if (stuff->offset + size < size) ++ return BadAlloc; ++ } ++ + if (stuff->depth != 1) + { + pDepth = pDraw->pScreen->allowedDepths; +@@ -1067,9 +1099,7 @@ ProcShmCreatePixmap(client) + return BadValue; + } + CreatePmap: +- VERIFY_SHMSIZE(shmdesc, stuff->offset, +- PixmapBytePad(stuff->width, stuff->depth) * stuff->height, +- client); ++ VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client); + pMap = (*shmFuncs[pDraw->pScreen->myNum]->CreatePixmap)( + pDraw->pScreen, stuff->width, + stuff->height, stuff->depth, +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0017-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch b/x11-base/xorg-server/files/1.4.0.90/0017-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch new file mode 100644 index 000000000000..c16294c055f4 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0017-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch @@ -0,0 +1,30 @@ +From f09b8007e7f6e60e0b9c9665ec632b578ae08b6f Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb <matthieu@bluenote.herrb.com> +Date: Thu, 17 Jan 2008 15:29:06 +0100 +Subject: [PATCH] Fix for CVE-2008-0006 - PCF Font parser buffer overflow. + +--- + dix/dixfonts.c | 7 +++++++ + 1 files changed, 7 insertions(+), 0 deletions(-) + +diff --git a/dix/dixfonts.c b/dix/dixfonts.c +index c21b3ec..7bb2404 100644 +--- a/dix/dixfonts.c ++++ b/dix/dixfonts.c +@@ -325,6 +325,13 @@ doOpenFont(ClientPtr client, OFclosurePtr c) + err = BadFontName; + goto bail; + } ++ /* check values for firstCol, lastCol, firstRow, and lastRow */ ++ if (pfont->info.firstCol > pfont->info.lastCol || ++ pfont->info.firstRow > pfont->info.lastRow || ++ pfont->info.lastCol - pfont->info.firstCol > 255) { ++ err = AllocError; ++ goto bail; ++ } + if (!pfont->fpe) + pfont->fpe = fpe; + pfont->refcnt++; +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0018-Fix-for-CVE-2007-5958-File-existence-disclosure.patch b/x11-base/xorg-server/files/1.4.0.90/0018-Fix-for-CVE-2007-5958-File-existence-disclosure.patch new file mode 100644 index 000000000000..889e57adc3e7 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0018-Fix-for-CVE-2007-5958-File-existence-disclosure.patch @@ -0,0 +1,34 @@ +From 19b95cdd1d14a1e7d1abba1880ab023c96f19bf5 Mon Sep 17 00:00:00 2001 +From: Matthieu Herrb <matthieu@bluenote.herrb.com> +Date: Thu, 17 Jan 2008 17:03:39 +0100 +Subject: [PATCH] Fix for CVE-2007-5958 - File existence disclosure. + +--- + Xext/security.c | 4 ++-- + 1 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/Xext/security.c b/Xext/security.c +index ba057de..e9d48c9 100644 +--- a/Xext/security.c ++++ b/Xext/security.c +@@ -1563,7 +1563,7 @@ SecurityLoadPropertyAccessList(void) + if (!SecurityPolicyFile) + return; + +- f = fopen(SecurityPolicyFile, "r"); ++ f = Fopen(SecurityPolicyFile, "r"); + if (!f) + { + ErrorF("error opening security policy file %s\n", +@@ -1646,7 +1646,7 @@ SecurityLoadPropertyAccessList(void) + } + #endif /* PROPDEBUG */ + +- fclose(f); ++ Fclose(f); + } /* SecurityLoadPropertyAccessList */ + + +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0019-CVE-2007-6429-Don-t-spuriously-reject-8bpp-shm-pix.patch b/x11-base/xorg-server/files/1.4.0.90/0019-CVE-2007-6429-Don-t-spuriously-reject-8bpp-shm-pix.patch new file mode 100644 index 000000000000..bd5758fbf908 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0019-CVE-2007-6429-Don-t-spuriously-reject-8bpp-shm-pix.patch @@ -0,0 +1,86 @@ +From b6d4cdf64f43ae805beada6122c8be2ed138742c Mon Sep 17 00:00:00 2001 +From: Adam Jackson <ajax@redhat.com> +Date: Fri, 18 Jan 2008 14:41:20 -0500 +Subject: [PATCH] CVE-2007-6429: Don't spuriously reject <8bpp shm pixmaps. + +Move size validation after depth validation, and only validate size if +the bpp of the pixmap format is > 8. If bpp < 8 then we're already +protected from overflow by the width and height checks. +(cherry picked from commit e9fa7c1c88a8130a48f772c92b186b8b777986b5) +--- + Xext/shm.c | 36 ++++++++++++++++++++---------------- + 1 files changed, 20 insertions(+), 16 deletions(-) + +diff --git a/Xext/shm.c b/Xext/shm.c +index 5633be9..6f99e90 100644 +--- a/Xext/shm.c ++++ b/Xext/shm.c +@@ -737,14 +737,6 @@ ProcPanoramiXShmCreatePixmap( + } + if (width > 32767 || height > 32767) + return BadAlloc; +- size = PixmapBytePad(width, depth) * height; +- if (sizeof(size) == 4) { +- if (size < width * height) +- return BadAlloc; +- /* thankfully, offset is unsigned */ +- if (stuff->offset + size < size) +- return BadAlloc; +- } + + if (stuff->depth != 1) + { +@@ -755,7 +747,17 @@ ProcPanoramiXShmCreatePixmap( + client->errorValue = stuff->depth; + return BadValue; + } ++ + CreatePmap: ++ size = PixmapBytePad(width, depth) * height; ++ if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) { ++ if (size < width * height) ++ return BadAlloc; ++ /* thankfully, offset is unsigned */ ++ if (stuff->offset + size < size) ++ return BadAlloc; ++ } ++ + VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client); + + if(!(newPix = (PanoramiXRes *) xalloc(sizeof(PanoramiXRes)))) +@@ -1080,14 +1082,6 @@ ProcShmCreatePixmap(client) + } + if (width > 32767 || height > 32767) + return BadAlloc; +- size = PixmapBytePad(width, depth) * height; +- if (sizeof(size) == 4) { +- if (size < width * height) +- return BadAlloc; +- /* thankfully, offset is unsigned */ +- if (stuff->offset + size < size) +- return BadAlloc; +- } + + if (stuff->depth != 1) + { +@@ -1098,7 +1092,17 @@ ProcShmCreatePixmap(client) + client->errorValue = stuff->depth; + return BadValue; + } ++ + CreatePmap: ++ size = PixmapBytePad(width, depth) * height; ++ if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) { ++ if (size < width * height) ++ return BadAlloc; ++ /* thankfully, offset is unsigned */ ++ if (stuff->offset + size < size) ++ return BadAlloc; ++ } ++ + VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client); + pMap = (*shmFuncs[pDraw->pScreen->myNum]->CreatePixmap)( + pDraw->pScreen, stuff->width, +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0020-dix-set-the-correct-number-of-valuators-in-valuator.patch b/x11-base/xorg-server/files/1.4.0.90/0020-dix-set-the-correct-number-of-valuators-in-valuator.patch new file mode 100644 index 000000000000..12bdac48926c --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0020-dix-set-the-correct-number-of-valuators-in-valuator.patch @@ -0,0 +1,29 @@ +From e98027c3ac7195fec665ef393d980b02870ca1b8 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter@cs.unisa.edu.au> +Date: Tue, 18 Dec 2007 13:57:07 +1030 +Subject: [PATCH] dix: set the correct number of valuators in valuator events. + +(first_valuator + num_valuators) must never be larger than the number of axes, +otherwise DIX freaks out. And from looking at libXI, anything larger than 6 is +wrong too. +(cherry picked from commit 9f6ae61ad12cc2813d04405458e1ca5aed8a539e) +--- + dix/getevents.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/dix/getevents.c b/dix/getevents.c +index 12d8189..b7ba69b 100644 +--- a/dix/getevents.c ++++ b/dix/getevents.c +@@ -344,7 +344,7 @@ getValuatorEvents(xEvent *events, DeviceIntPtr pDev, int first_valuator, + for (i = first_valuator; i < final_valuator; i += 6, xv++, events++) { + xv->type = DeviceValuator; + xv->first_valuator = i; +- xv->num_valuators = num_valuators; ++ xv->num_valuators = ((num_valuators - i) > 6) ? 6 : (num_valuators - i); + xv->deviceid = pDev->id; + switch (final_valuator - i) { + case 6: +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0021-xkb-don-t-update-LEDs-if-they-don-t-exist.-Bug-13.patch b/x11-base/xorg-server/files/1.4.0.90/0021-xkb-don-t-update-LEDs-if-they-don-t-exist.-Bug-13.patch new file mode 100644 index 000000000000..5bbcfc33dcc5 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0021-xkb-don-t-update-LEDs-if-they-don-t-exist.-Bug-13.patch @@ -0,0 +1,31 @@ +From bc72ef3a159efd67067322c043bba444869dc356 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter@cs.unisa.edu.au> +Date: Wed, 30 Jan 2008 10:39:54 +1030 +Subject: [PATCH] xkb: don't update LEDs if they don't exist. (Bug #13961) + +In some weird cases we call this function when there is no SrvLedInfo on the +device. And it turns out null-pointer dereferences are bad. + +X.Org Bug 13961 <http://bugs.freedesktop.org/show_bug.cgi?id=13961> +(cherry picked from commit d954f9c80348de294602d931d387e5cd1ef4b9a5) +--- + xkb/xkbLEDs.c | 3 +++ + 1 files changed, 3 insertions(+), 0 deletions(-) + +diff --git a/xkb/xkbLEDs.c b/xkb/xkbLEDs.c +index d607d90..d28973c 100644 +--- a/xkb/xkbLEDs.c ++++ b/xkb/xkbLEDs.c +@@ -63,6 +63,9 @@ XkbSrvLedInfoPtr sli; + + sli= XkbFindSrvLedInfo(dev,XkbDfltXIClass,XkbDfltXIId,0); + ++ if (!sli) ++ return update; ++ + if (state_changes&(XkbModifierStateMask|XkbGroupStateMask)) + update|= sli->usesEffective; + if (state_changes&(XkbModifierBaseMask|XkbGroupBaseMask)) +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0022-security-Fix-for-Bug-14480-untrusted-access-broke.patch b/x11-base/xorg-server/files/1.4.0.90/0022-security-Fix-for-Bug-14480-untrusted-access-broke.patch new file mode 100644 index 000000000000..0df2277305d0 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0022-security-Fix-for-Bug-14480-untrusted-access-broke.patch @@ -0,0 +1,25 @@ +From 74b40bba327a2e97780e8e3f995f784add2d6231 Mon Sep 17 00:00:00 2001 +From: Eamon Walsh <ewalsh@tycho.nsa.gov> +Date: Thu, 14 Feb 2008 19:47:44 -0500 +Subject: [PATCH] security: Fix for Bug #14480: untrusted access broken in 7.3. + +--- + Xext/security.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/Xext/security.c b/Xext/security.c +index e9d48c9..14ad354 100644 +--- a/Xext/security.c ++++ b/Xext/security.c +@@ -1014,7 +1014,7 @@ CALLBACK(SecurityCheckResourceIDAccess) + } + else /* server-owned resource - probably a default colormap or root window */ + { +- if (RT_WINDOW == rtype || RC_DRAWABLE == rtype) ++ if (RC_DRAWABLE & rtype) + { + switch (reqtype) + { /* the following operations are allowed on root windows */ +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0023-Resize-composite-overlay-window-when-the-root-window.patch b/x11-base/xorg-server/files/1.4.0.90/0023-Resize-composite-overlay-window-when-the-root-window.patch new file mode 100644 index 000000000000..53864528fa3d --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0023-Resize-composite-overlay-window-when-the-root-window.patch @@ -0,0 +1,62 @@ +From 3db5930c61aeb849de3b21e7ba0d86d3c0cf72bb Mon Sep 17 00:00:00 2001 +From: Maarten Maathuis <madman2003@gmail.com> +Date: Sun, 17 Feb 2008 11:21:01 +0100 +Subject: [PATCH] Resize composite overlay window when the root window changes. + +- This allows some compositing managers to work, even after randr12 has changed the root window size. +- Thanks to ajax for figuring out the best place to put this. +- Example: + - xf86RandR12SetMode() calls EnableDisableFBAccess(). + - That calls xf86SetRootClip() which in turn calls ResizeChildrenWinSize(). + - The final step is the call to PositionWindow(). +(cherry picked from commit 70c0592a97c7dc9db0576d32b3bdbe4766520509) +--- + composite/compwindow.c | 25 +++++++++++++++++++++++++ + 1 files changed, 25 insertions(+), 0 deletions(-) + +diff --git a/composite/compwindow.c b/composite/compwindow.c +index bfd2946..33192ad 100644 +--- a/composite/compwindow.c ++++ b/composite/compwindow.c +@@ -165,6 +165,29 @@ compCheckRedirect (WindowPtr pWin) + return TRUE; + } + ++static int ++updateOverlayWindow(ScreenPtr pScreen) ++{ ++ CompScreenPtr cs; ++ WindowPtr pWin; /* overlay window */ ++ XID vlist[2]; ++ ++ cs = GetCompScreen(pScreen); ++ if ((pWin = cs->pOverlayWin) != NULL) { ++ if ((pWin->drawable.width == pScreen->width) && ++ (pWin->drawable.height == pScreen->height)) ++ return Success; ++ ++ /* Let's resize the overlay window. */ ++ vlist[0] = pScreen->width; ++ vlist[1] = pScreen->height; ++ return ConfigureWindow(pWin, CWWidth | CWHeight, vlist, wClient(pWin)); ++ } ++ ++ /* Let's be on the safe side and not assume an overlay window is always allocated. */ ++ return Success; ++} ++ + Bool + compPositionWindow (WindowPtr pWin, int x, int y) + { +@@ -203,6 +226,8 @@ compPositionWindow (WindowPtr pWin, int x, int y) + cs->PositionWindow = pScreen->PositionWindow; + pScreen->PositionWindow = compPositionWindow; + compCheckTree (pWin->drawable.pScreen); ++ if (updateOverlayWindow(pScreen) != Success) ++ ret = FALSE; + return ret; + } + +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0024-Fix-rotation-for-multi-monitor-situation.patch b/x11-base/xorg-server/files/1.4.0.90/0024-Fix-rotation-for-multi-monitor-situation.patch new file mode 100644 index 000000000000..33a9cc04f728 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0024-Fix-rotation-for-multi-monitor-situation.patch @@ -0,0 +1,31 @@ +From dc30ade6496c7cc24e38c419e229159525fe042f Mon Sep 17 00:00:00 2001 +From: Maarten Maathuis <madman2003@gmail.com> +Date: Sun, 17 Feb 2008 18:47:28 +0100 +Subject: [PATCH] Fix rotation for multi-monitor situation. + +- The (x,y)-coordinates of the crtc were not being passed as xFixed values, which made it an obscure bug to find. +- Fix bug #13787. +(cherry picked from commit a48cc88ea2674c28b69b8d738b168cbafcf4001f) +--- + hw/xfree86/modes/xf86Rotate.c | 4 ++-- + 1 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/hw/xfree86/modes/xf86Rotate.c b/hw/xfree86/modes/xf86Rotate.c +index 380478f..dd0e659 100644 +--- a/hw/xfree86/modes/xf86Rotate.c ++++ b/hw/xfree86/modes/xf86Rotate.c +@@ -579,9 +579,9 @@ xf86CrtcRotate (xf86CrtcPtr crtc, DisplayModePtr mode, Rotation rotation) + } + else + { +- PictureTransformTranslate (&crtc_to_fb, &fb_to_crtc, crtc->x, crtc->y); ++ PictureTransformTranslate (&crtc_to_fb, &fb_to_crtc, F(crtc->x), F(crtc->y)); + PictureTransformIsInverse ("offset", &crtc_to_fb, &fb_to_crtc); +- ++ + /* + * these are the size of the shadow pixmap, which + * matches the mode, not the pre-rotated copy in the +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0025-Don-t-break-grab-and-focus-state-for-a-window-when-r.patch b/x11-base/xorg-server/files/1.4.0.90/0025-Don-t-break-grab-and-focus-state-for-a-window-when-r.patch new file mode 100644 index 000000000000..9e5904dd2110 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0025-Don-t-break-grab-and-focus-state-for-a-window-when-r.patch @@ -0,0 +1,40 @@ +From bcbfd619f8da888224afd80ee3a2db7d500523eb Mon Sep 17 00:00:00 2001 +From: =?utf-8?q?Kristian=20H=C3=B8gsberg?= <krh@redhat.com> +Date: Wed, 16 Jan 2008 20:24:11 -0500 +Subject: [PATCH] Don't break grab and focus state for a window when redirecting it. + +Composite uses an unmap/map cycle to trigger backing pixmap allocation +and cliprect recomputation when a window is redirected or unredirected. +To avoid protocol visible side effects, map and unmap events are +disabled temporarily. However, when a window is unmapped it is also +removed from grabs and loses focus, but these state changes are not +disabled. + +This change supresses the unmap side effects during the composite +unmap/map cycle and fixes this bug: + + http://bugzilla.gnome.org/show_bug.cgi?id=488264 + +where compiz would cause gnome-screensaver to lose its grab when +compiz unredirects the fullscreen lock window. +--- + dix/window.c | 3 ++- + 1 files changed, 2 insertions(+), 1 deletions(-) + +diff --git a/dix/window.c b/dix/window.c +index be4ea2c..961c02a 100644 +--- a/dix/window.c ++++ b/dix/window.c +@@ -3023,7 +3023,8 @@ UnrealizeTree( + } + #endif + (* Unrealize)(pChild); +- DeleteWindowFromAnyEvents(pChild, FALSE); ++ if (MapUnmapEventsEnabled(pWin)) ++ DeleteWindowFromAnyEvents(pChild, FALSE); + if (pChild->viewable) + { + #ifdef DO_SAVE_UNDERS +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0026-CVE-2007-6429-Always-test-for-size-offset-wrapping.patch b/x11-base/xorg-server/files/1.4.0.90/0026-CVE-2007-6429-Always-test-for-size-offset-wrapping.patch new file mode 100644 index 000000000000..aa4900834e0d --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0026-CVE-2007-6429-Always-test-for-size-offset-wrapping.patch @@ -0,0 +1,44 @@ +From 44f46bfb981ca69515dafc520f62f33654711194 Mon Sep 17 00:00:00 2001 +From: Matthias Hopf <mhopf@suse.de> +Date: Mon, 21 Jan 2008 16:13:21 +0100 +Subject: [PATCH] CVE-2007-6429: Always test for size+offset wrapping. + +--- + Xext/shm.c | 12 ++++++------ + 1 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/Xext/shm.c b/Xext/shm.c +index 6f99e90..376f123 100644 +--- a/Xext/shm.c ++++ b/Xext/shm.c +@@ -753,10 +753,10 @@ CreatePmap: + if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) { + if (size < width * height) + return BadAlloc; +- /* thankfully, offset is unsigned */ +- if (stuff->offset + size < size) +- return BadAlloc; + } ++ /* thankfully, offset is unsigned */ ++ if (stuff->offset + size < size) ++ return BadAlloc; + + VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client); + +@@ -1098,10 +1098,10 @@ CreatePmap: + if (sizeof(size) == 4 && BitsPerPixel(depth) > 8) { + if (size < width * height) + return BadAlloc; +- /* thankfully, offset is unsigned */ +- if (stuff->offset + size < size) +- return BadAlloc; + } ++ /* thankfully, offset is unsigned */ ++ if (stuff->offset + size < size) ++ return BadAlloc; + + VERIFY_SHMSIZE(shmdesc, stuff->offset, size, client); + pMap = (*shmFuncs[pDraw->pScreen->myNum]->CreatePixmap)( +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0027-Fix-context-sharing-between-direct-indirect-contexts.patch b/x11-base/xorg-server/files/1.4.0.90/0027-Fix-context-sharing-between-direct-indirect-contexts.patch new file mode 100644 index 000000000000..07642e134f94 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0027-Fix-context-sharing-between-direct-indirect-contexts.patch @@ -0,0 +1,38 @@ +From a65d4aed06acd839fb21153f74144498abda3e18 Mon Sep 17 00:00:00 2001 +From: Alan Hourihane <alanh@tungstengraphics.com> +Date: Wed, 27 Feb 2008 16:49:34 +0000 +Subject: [PATCH] Fix context sharing between direct/indirect contexts + +--- + GL/glx/glxdri.c | 8 ++++++++ + 1 files changed, 8 insertions(+), 0 deletions(-) + +diff --git a/GL/glx/glxdri.c b/GL/glx/glxdri.c +index 685683d..09abca3 100644 +--- a/GL/glx/glxdri.c ++++ b/GL/glx/glxdri.c +@@ -598,6 +598,9 @@ __glXDRIscreenCreateContext(__GLXscreen *baseScreen, + else + sharePrivate = NULL; + ++ if (baseShareContext && baseShareContext->isDirect) ++ return NULL; ++ + context = xalloc(sizeof *context); + if (context == NULL) + return NULL; +@@ -617,6 +620,11 @@ __glXDRIscreenCreateContext(__GLXscreen *baseScreen, + 0, /* render type */ + sharePrivate, + &context->driContext); ++ ++ if (!context->driContext.private) { ++ xfree(context); ++ return NULL; ++ } + + context->driContext.mode = modes; + +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0028-Add-some-more-support-for-DragonFly.-From-Joerg-Sonn.patch b/x11-base/xorg-server/files/1.4.0.90/0028-Add-some-more-support-for-DragonFly.-From-Joerg-Sonn.patch new file mode 100644 index 000000000000..7f1e0dda5d80 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0028-Add-some-more-support-for-DragonFly.-From-Joerg-Sonn.patch @@ -0,0 +1,83 @@ +From 76b950cd6e03f0060afe463871de4570fca90213 Mon Sep 17 00:00:00 2001 +From: Jeremy C. Reed <reed@glacier.reedmedia.net> +Date: Thu, 16 Aug 2007 11:20:12 -0500 +Subject: [PATCH] Add some more support for DragonFly. From Joerg Sonnenberger + and pkgsrc. + (cherry picked from commit 1d4bea6106d7a1c83e1dfe37fad8268589feaa0b) + +--- + Xext/shm.c | 2 +- + Xext/xf86bigfont.c | 2 +- + hw/xfree86/loader/os.c | 2 ++ + hw/xfree86/os-support/bus/Pci.h | 2 +- + hw/xfree86/os-support/bus/freebsdPci.c | 2 +- + 5 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/Xext/shm.c b/Xext/shm.c +index 376f123..3c0d1ee 100644 +--- a/Xext/shm.c ++++ b/Xext/shm.c +@@ -154,7 +154,7 @@ static ShmFuncs fbFuncs = {fbShmCreatePixmap, fbShmPutImage}; + } + + +-#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__CYGWIN__) ++#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__CYGWIN__) || defined(__DragonFly__) + #include <sys/signal.h> + + static Bool badSysCall = FALSE; +diff --git a/Xext/xf86bigfont.c b/Xext/xf86bigfont.c +index f50481f..c2f891a 100644 +--- a/Xext/xf86bigfont.c ++++ b/Xext/xf86bigfont.c +@@ -104,7 +104,7 @@ static unsigned int pagesize; + + static Bool badSysCall = FALSE; + +-#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__CYGWIN__) ++#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__CYGWIN__) || defined(__DragonFly__) + + #include <sys/signal.h> + +diff --git a/hw/xfree86/loader/os.c b/hw/xfree86/loader/os.c +index fdddce8..12cf3d8 100644 +--- a/hw/xfree86/loader/os.c ++++ b/hw/xfree86/loader/os.c +@@ -42,6 +42,8 @@ + #define OSNAME "linux" + #elif defined(__FreeBSD__) + #define OSNAME "freebsd" ++#elif defined(__DragonFly__) ++#define OSNAME "dragonfly" + #elif defined(__NetBSD__) + #define OSNAME "netbsd" + #elif defined(__OpenBSD__) +diff --git a/hw/xfree86/os-support/bus/Pci.h b/hw/xfree86/os-support/bus/Pci.h +index f0cb916..5ebbdd5 100644 +--- a/hw/xfree86/os-support/bus/Pci.h ++++ b/hw/xfree86/os-support/bus/Pci.h +@@ -235,7 +235,7 @@ + # if defined(linux) + # define ARCH_PCI_INIT axpPciInit + # define INCLUDE_XF86_MAP_PCI_MEM +-# elif defined(__FreeBSD__) || defined(__OpenBSD__) ++# elif defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__) + # define ARCH_PCI_INIT freebsdPciInit + # define INCLUDE_XF86_MAP_PCI_MEM + # define INCLUDE_XF86_NO_DOMAIN +diff --git a/hw/xfree86/os-support/bus/freebsdPci.c b/hw/xfree86/os-support/bus/freebsdPci.c +index 61cb405..63c00b2 100644 +--- a/hw/xfree86/os-support/bus/freebsdPci.c ++++ b/hw/xfree86/os-support/bus/freebsdPci.c +@@ -83,7 +83,7 @@ static pciBusInfo_t freebsdPci0 = { + /* bridge */ NULL + }; + +-#if !defined(__OpenBSD__) && !defined(__FreeBSD__) ++#if !defined(__OpenBSD__) && !defined(__FreeBSD__) && !defined(__DragonFly__) + #if X_BYTE_ORDER == X_BIG_ENDIAN + #ifdef __sparc__ + #ifndef ASI_PL +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0029-configure.ac-DragonFly-BSD-support.patch b/x11-base/xorg-server/files/1.4.0.90/0029-configure.ac-DragonFly-BSD-support.patch new file mode 100644 index 000000000000..27320bdd19ea --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0029-configure.ac-DragonFly-BSD-support.patch @@ -0,0 +1,53 @@ +From dd6b0de38d649617600a8357e576955c9b831328 Mon Sep 17 00:00:00 2001 +From: Hasso Tepper <hasso@estpak.ee> +Date: Mon, 7 Apr 2008 14:09:04 +0300 +Subject: [PATCH] configure.ac: DragonFly BSD support + +Add support for DragonFly BSD, which is just the same as FreeBSD for all +of these cases. +(cherry picked from commit 0f87b41a432a6472a15ec0c9dee997e3bddbd0f2) +--- + configure.ac | 6 ++++-- + 1 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 72d9819..dfb2950 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -291,6 +291,7 @@ case $host_cpu in + darwin*) use_x86_asm="no" ;; + *linux*) DEFAULT_INT10=vm86 ;; + *freebsd*) AC_DEFINE(USE_DEV_IO) ;; ++ *dragonfly*) AC_DEFINE(USE_DEV_IO) ;; + *netbsd*) AC_DEFINE(USE_I386_IOPL) + SYS_LIBS=-li386 + ;; +@@ -316,6 +317,7 @@ case $host_cpu in + case $host_os in + darwin*) use_x86_asm="no" ;; + *freebsd*) AC_DEFINE(USE_DEV_IO, 1, [BSD /dev/io]) ;; ++ *dragonfly*) AC_DEFINE(USE_DEV_IO, 1, [BSD /dev/io]) ;; + *netbsd*) AC_DEFINE(USE_I386_IOPL, 1, [BSD i386 iopl]) + SYS_LIBS=-lx86_64 + ;; +@@ -337,7 +339,7 @@ DRI=no + KDRIVE_HW=no + dnl it would be nice to autodetect these *CONS_SUPPORTs + case $host_os in +- *freebsd*) ++ *freebsd* | *dragonfly*) + case $host_os in + kfreebsd*-gnu) ;; + *) AC_DEFINE(CSRG_BASED, 1, [System is BSD-like]) ;; +@@ -1363,7 +1365,7 @@ return 0;} + ;; + esac + ;; +- freebsd* | kfreebsd*-gnu) ++ freebsd* | kfreebsd*-gnu | dragonfly*) + XORG_OS="freebsd" + XORG_OS_SUBDIR="bsd" + case $host_cpu in +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0030-Fixed-configure.ac-for-autoconf-2.62.patch b/x11-base/xorg-server/files/1.4.0.90/0030-Fixed-configure.ac-for-autoconf-2.62.patch new file mode 100644 index 000000000000..cd4ba964abb2 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0030-Fixed-configure.ac-for-autoconf-2.62.patch @@ -0,0 +1,28 @@ +From 9e9eeca2b094fa9edb9c20002d42aeafb14ad1e4 Mon Sep 17 00:00:00 2001 +From: Tilman Sauerbeck <tilman@code-monkey.de> +Date: Thu, 10 Apr 2008 21:36:19 +0200 +Subject: [PATCH] Fixed configure.ac for autoconf 2.62. + (cherry picked from commit 3c337e18b933881e22b0d03312511f1d23a8640b) + +--- + configure.ac | 4 +++- + 1 files changed, 3 insertions(+), 1 deletions(-) + +diff --git a/configure.ac b/configure.ac +index dfb2950..4841d26 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1964,7 +1964,9 @@ DIX_CFLAGS="-DHAVE_DIX_CONFIG_H $XSERVER_CFLAGS" + + AC_SUBST([DIX_CFLAGS]) + +-AC_SUBST([libdir exec_prefix prefix]) ++AC_SUBST([libdir]) ++AC_SUBST([exec_prefix]) ++AC_SUBST([prefix]) + + # Man page sections - used in config utils & generating man pages + XORG_MANPAGE_SECTIONS +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0031-EXA-Fix-off-by-one-in-polyline-drawing.patch b/x11-base/xorg-server/files/1.4.0.90/0031-EXA-Fix-off-by-one-in-polyline-drawing.patch new file mode 100644 index 000000000000..07ea963dcb90 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0031-EXA-Fix-off-by-one-in-polyline-drawing.patch @@ -0,0 +1,26 @@ +From 6afcf996cade0c9464d6af9b04b177b1de138cfd Mon Sep 17 00:00:00 2001 +From: Pierre Willenbrock <pierre@pirsoft.dnsalias.org> +Date: Tue, 23 Oct 2007 16:45:13 +0200 +Subject: [PATCH] EXA: Fix off-by-one in polyline drawing. + (cherry picked from commit d502521c3669f3f22b94c39a64ab63bfd92c6a97) + +--- + exa/exa_accel.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/exa/exa_accel.c b/exa/exa_accel.c +index aed4e42..e8444c6 100644 +--- a/exa/exa_accel.c ++++ b/exa/exa_accel.c +@@ -535,7 +535,7 @@ exaPolylines(DrawablePtr pDrawable, GCPtr pGC, int mode, int npt, + x1 = ppt[0].x; + y1 = ppt[0].y; + /* If we have any non-horizontal/vertical, fall back. */ +- for (i = 0; i < npt; i++) { ++ for (i = 0; i < npt - 1; i++) { + if (mode == CoordModePrevious) { + x2 = x1 + ppt[i + 1].x; + y2 = y1 + ppt[i + 1].y; +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0032-XKB-Fix-processInputProc-wrapping.patch b/x11-base/xorg-server/files/1.4.0.90/0032-XKB-Fix-processInputProc-wrapping.patch new file mode 100644 index 000000000000..e3efcdad3724 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0032-XKB-Fix-processInputProc-wrapping.patch @@ -0,0 +1,83 @@ +From fdfb57d342da0ace14eed635804ebc31441240c5 Mon Sep 17 00:00:00 2001 +From: Thomas Jaeger <thjaeger@gmail.com> +Date: Tue, 1 Apr 2008 15:27:06 +0300 +Subject: [PATCH] XKB: Fix processInputProc wrapping + +If input processing is frozen, only wrap realInputProc: don't smash +processInputProc as well. When input processing is thawed, pIP will be +rewrapped correctly. + +This supersedes the previous workaround in 50e80c9. + +Signed-off-by: Daniel Stone <daniel@fooishbar.org> +(cherry picked from commit 37b1258f0a288a79ce6a3eef3559e17a67c4dd96) +--- + include/xkbsrv.h | 16 ++++++++++++---- + xkb/xkbActions.c | 9 ++++----- + 2 files changed, 16 insertions(+), 9 deletions(-) + +diff --git a/include/xkbsrv.h b/include/xkbsrv.h +index 9174eb6..acf3bb0 100644 +--- a/include/xkbsrv.h ++++ b/include/xkbsrv.h +@@ -241,6 +241,14 @@ typedef struct _XkbSrvLedInfo { + typedef struct + { + ProcessInputProc processInputProc; ++ /* If processInputProc is set to something different than realInputProc, ++ * UNWRAP and COND_WRAP will not touch processInputProc and update only ++ * realInputProc. This ensures that ++ * processInputProc == (frozen ? EnqueueEvent : realInputProc) ++ * ++ * WRAP_PROCESS_INPUT_PROC should only be called during initialization, ++ * since it may destroy this invariant. ++ */ + ProcessInputProc realInputProc; + DeviceUnwrapProc unwrapProc; + } xkbDeviceInfoRec, *xkbDeviceInfoPtr; +@@ -258,14 +266,14 @@ typedef struct + device->public.processInputProc = proc; \ + oldprocs->processInputProc = \ + oldprocs->realInputProc = device->public.realInputProc; \ +- if (proc != device->public.enqueueInputProc) \ +- device->public.realInputProc = proc; \ ++ device->public.realInputProc = proc; \ + oldprocs->unwrapProc = device->unwrapProc; \ + device->unwrapProc = unwrapproc; + + #define UNWRAP_PROCESS_INPUT_PROC(device, oldprocs, backupproc) \ +- backupproc = device->public.processInputProc; \ +- device->public.processInputProc = oldprocs->processInputProc; \ ++ backupproc = device->public.realInputProc; \ ++ if (device->public.processInputProc == device->public.realInputProc)\ ++ device->public.processInputProc = oldprocs->realInputProc; \ + device->public.realInputProc = oldprocs->realInputProc; \ + device->unwrapProc = oldprocs->unwrapProc; + +diff --git a/xkb/xkbActions.c b/xkb/xkbActions.c +index 6edac29..59d34c5 100644 +--- a/xkb/xkbActions.c ++++ b/xkb/xkbActions.c +@@ -50,15 +50,14 @@ xkbUnwrapProc(DeviceIntPtr device, DeviceHandleProc proc, + pointer data) + { + xkbDeviceInfoPtr xkbPrivPtr = XKBDEVICEINFO(device); +- ProcessInputProc tmp = device->public.processInputProc; +- ProcessInputProc dummy; /* unused, but neede for macro */ ++ ProcessInputProc backupproc; + if(xkbPrivPtr->unwrapProc) + xkbPrivPtr->unwrapProc = NULL; + +- UNWRAP_PROCESS_INPUT_PROC(device,xkbPrivPtr, dummy); ++ UNWRAP_PROCESS_INPUT_PROC(device,xkbPrivPtr, backupproc); + proc(device,data); +- WRAP_PROCESS_INPUT_PROC(device,xkbPrivPtr, +- tmp,xkbUnwrapProc); ++ COND_WRAP_PROCESS_INPUT_PROC(device,xkbPrivPtr, ++ backupproc,xkbUnwrapProc); + } + + +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0033-xfree86-fix-AlwaysCore-handling.-Bug-14256.patch b/x11-base/xorg-server/files/1.4.0.90/0033-xfree86-fix-AlwaysCore-handling.-Bug-14256.patch new file mode 100644 index 000000000000..4f99da55be7b --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0033-xfree86-fix-AlwaysCore-handling.-Bug-14256.patch @@ -0,0 +1,29 @@ +From ff4006bd5a71d39cc5655679447c5c47a99a2751 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer <peter@cs.unisa.edu.au> +Date: Tue, 29 Jan 2008 10:01:37 +1030 +Subject: [PATCH] xfree86: fix AlwaysCore handling. (Bug #14256) + +Assume AlwaysCore being set by default, just like the other options. + +X.Org Bug 14256 <http://bugs.freedesktop.org/show_bug.cgi?id=14256> +(cherry picked from commit 5b8641a5fdc112c19e78ca2954878712e328d403) +--- + hw/xfree86/common/xf86Xinput.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/hw/xfree86/common/xf86Xinput.c b/hw/xfree86/common/xf86Xinput.c +index b939fb7..ca2be5c 100644 +--- a/hw/xfree86/common/xf86Xinput.c ++++ b/hw/xfree86/common/xf86Xinput.c +@@ -116,7 +116,7 @@ _X_EXPORT void + xf86ProcessCommonOptions(LocalDevicePtr local, + pointer list) + { +- if (xf86SetBoolOption(list, "AlwaysCore", 0) || ++ if (!xf86SetBoolOption(list, "AlwaysCore", 1) || + !xf86SetBoolOption(list, "SendCoreEvents", 1) || + !xf86SetBoolOption(list, "CorePointer", 1) || + !xf86SetBoolOption(list, "CoreKeyboard", 1)) { +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0034-Ignore-not-just-block-SIGALRM-around-Popen-Pcl.patch b/x11-base/xorg-server/files/1.4.0.90/0034-Ignore-not-just-block-SIGALRM-around-Popen-Pcl.patch new file mode 100644 index 000000000000..da020faa9bf0 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0034-Ignore-not-just-block-SIGALRM-around-Popen-Pcl.patch @@ -0,0 +1,58 @@ +From 6a5066c2e9e872d4ef85ec70745c34d93580177e Mon Sep 17 00:00:00 2001 +From: Adam Jackson <ajax@benzedrine.nwnk.net> +Date: Tue, 11 Sep 2007 11:37:06 -0400 +Subject: [PATCH] Ignore - not just block - SIGALRM around Popen()/Pclose(). + +Because our "popen" implementation uses stdio, and because nobody's stdio +library is capable of surviving signals, we need to make absolutely sure +that we hide the SIGALRM from the smart scheduler. Otherwise, when you +open a menu in openoffice, and it recompiles XKB to deal with the +accelerators, and you popen xkbcomp because we suck, then the scheduler +will tell you you're taking forever doing something stupid, and the +wait() code will get confused, and input will hang and your CPU usage +slams to 100%. Down, not across. +--- + os/utils.c | 8 ++++++++ + 1 files changed, 8 insertions(+), 0 deletions(-) + +diff --git a/os/utils.c b/os/utils.c +index 3bb7dbe..afcaae4 100644 +--- a/os/utils.c ++++ b/os/utils.c +@@ -1720,6 +1720,8 @@ static struct pid { + int pid; + } *pidlist; + ++static sighandler_t old_alarm = NULL; /* XXX horrible awful hack */ ++ + pointer + Popen(char *command, char *type) + { +@@ -1741,11 +1743,15 @@ Popen(char *command, char *type) + return NULL; + } + ++ /* Ignore the smart scheduler while this is going on */ ++ old_alarm = signal(SIGALRM, SIG_IGN); ++ + switch (pid = fork()) { + case -1: /* error */ + close(pdes[0]); + close(pdes[1]); + xfree(cur); ++ signal(SIGALRM, old_alarm); + return NULL; + case 0: /* child */ + if (setgid(getgid()) == -1) +@@ -1921,6 +1927,8 @@ Pclose(pointer iop) + /* allow EINTR again */ + OsReleaseSignals (); + ++ signal(SIGALRM, old_alarm); ++ + return pid == -1 ? -1 : pstat; + } + +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0035-Fix-build-on-FreeBSD-after-Popen-changes.patch b/x11-base/xorg-server/files/1.4.0.90/0035-Fix-build-on-FreeBSD-after-Popen-changes.patch new file mode 100644 index 000000000000..9436d951964b --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0035-Fix-build-on-FreeBSD-after-Popen-changes.patch @@ -0,0 +1,25 @@ +From a02b989c68864a7388553fb96e4fbaf91f941c4a Mon Sep 17 00:00:00 2001 +From: Eric Anholt <eric@anholt.net> +Date: Wed, 12 Sep 2007 13:23:13 +0000 +Subject: [PATCH] Fix build on FreeBSD after Popen changes. + +--- + os/utils.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/os/utils.c b/os/utils.c +index afcaae4..144098b 100644 +--- a/os/utils.c ++++ b/os/utils.c +@@ -1720,7 +1720,7 @@ static struct pid { + int pid; + } *pidlist; + +-static sighandler_t old_alarm = NULL; /* XXX horrible awful hack */ ++void (*old_alarm)(int) = NULL; /* XXX horrible awful hack */ + + pointer + Popen(char *command, char *type) +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0036-So-like-checking-return-codes-of-system-calls-sig.patch b/x11-base/xorg-server/files/1.4.0.90/0036-So-like-checking-return-codes-of-system-calls-sig.patch new file mode 100644 index 000000000000..72379f3c2c91 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0036-So-like-checking-return-codes-of-system-calls-sig.patch @@ -0,0 +1,83 @@ +From 0fab9843c7b553bb59d57e68d9c3ea2d754bf809 Mon Sep 17 00:00:00 2001 +From: Ben Byer <bbyer@bbyer.apple.com> +Date: Fri, 21 Sep 2007 17:07:36 -0700 +Subject: [PATCH] So, like, checking return codes of system calls (signal, etc) is good. + Also, only restore an old signal handler if one was actually set + (prevents the server from dying on OS X). + +--- + os/utils.c | 24 ++++++++++++++++++++---- + 1 files changed, 20 insertions(+), 4 deletions(-) + +diff --git a/os/utils.c b/os/utils.c +index 144098b..36c8dfe 100644 +--- a/os/utils.c ++++ b/os/utils.c +@@ -285,7 +285,8 @@ OsSignal(sig, handler) + sigaddset(&act.sa_mask, sig); + act.sa_flags = 0; + act.sa_handler = handler; +- sigaction(sig, &act, &oact); ++ if (sigaction(sig, &act, &oact)) ++ perror("sigaction"); + return oact.sa_handler; + #endif + } +@@ -1684,6 +1685,10 @@ System(char *command) + + #ifdef SIGCHLD + csig = signal(SIGCHLD, SIG_DFL); ++ if (csig == SIG_ERR) { ++ perror("signal"); ++ return -1; ++ } + #endif + + #ifdef DEBUG +@@ -1708,7 +1713,10 @@ System(char *command) + } + + #ifdef SIGCHLD +- signal(SIGCHLD, csig); ++ if (signal(SIGCHLD, csig) == SIG_ERR) { ++ perror("signal"); ++ return -1; ++ } + #endif + + return p == -1 ? -1 : status; +@@ -1745,13 +1753,18 @@ Popen(char *command, char *type) + + /* Ignore the smart scheduler while this is going on */ + old_alarm = signal(SIGALRM, SIG_IGN); ++ if (old_alarm == SIG_ERR) { ++ perror("signal"); ++ return NULL; ++ } + + switch (pid = fork()) { + case -1: /* error */ + close(pdes[0]); + close(pdes[1]); + xfree(cur); +- signal(SIGALRM, old_alarm); ++ if (signal(SIGALRM, old_alarm) == SIG_ERR) ++ perror("signal"); + return NULL; + case 0: /* child */ + if (setgid(getgid()) == -1) +@@ -1927,7 +1940,10 @@ Pclose(pointer iop) + /* allow EINTR again */ + OsReleaseSignals (); + +- signal(SIGALRM, old_alarm); ++ if (old_alarm && signal(SIGALRM, old_alarm) == SIG_ERR) { ++ perror("signal"); ++ return -1; ++ } + + return pid == -1 ? -1 : pstat; + } +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0037-Check-for-sys-sdt.h-as-well-when-determining-to-en.patch b/x11-base/xorg-server/files/1.4.0.90/0037-Check-for-sys-sdt.h-as-well-when-determining-to-en.patch new file mode 100644 index 000000000000..bac9999a9428 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0037-Check-for-sys-sdt.h-as-well-when-determining-to-en.patch @@ -0,0 +1,39 @@ +From b95befdfd2c9bcb6b0cd896f2b8dfaaeb129dbff Mon Sep 17 00:00:00 2001 +From: Alan Coopersmith <alan.coopersmith@sun.com> +Date: Fri, 7 Dec 2007 17:28:37 -0800 +Subject: [PATCH] Check for <sys/sdt.h> as well when determining to enable dtrace probes + +Avoids auto-detecting dtrace is present on systems with the ISDN trace tool +named dtrace installed, but not the dynamic tracing facility named dtrace +--- + configure.ac | 7 +++++++ + 1 files changed, 7 insertions(+), 0 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 4841d26..c73f4a7 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -66,6 +66,8 @@ AC_SYS_LARGEFILE + XORG_PROG_RAWCPP + + dnl Check for dtrace program (needed to build Xserver dtrace probes) ++dnl Also checks for <sys/sdt.h>, since some Linux distros have an ++dnl ISDN trace program named dtrace + AC_ARG_WITH(dtrace, AS_HELP_STRING([--with-dtrace=PATH], + [Enable dtrace probes (default: enabled if dtrace found)]), + [WDTRACE=$withval], [WDTRACE=auto]) +@@ -76,6 +78,11 @@ if test "x$WDTRACE" = "xyes" -o "x$WDTRACE" = "xauto" ; then + AC_MSG_FAILURE([dtrace requested but not found]) + fi + WDTRACE="no" ++ else ++ AC_CHECK_HEADER(sys/sdt.h, [HAS_SDT_H="yes"], [HAS_SDT_H="no"]) ++ if test "x$WDTRACE" = "xauto" -a "x$HAS_SDT_H" = "xno" ; then ++ WDTRACE="no" ++ fi + fi + fi + if test "x$WDTRACE" != "xno" ; then +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0038-dix-Always-add-valuator-information-if-present.patch b/x11-base/xorg-server/files/1.4.0.90/0038-dix-Always-add-valuator-information-if-present.patch new file mode 100644 index 000000000000..76f0dd8c6641 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0038-dix-Always-add-valuator-information-if-present.patch @@ -0,0 +1,47 @@ +From 7fa7031cfa9145f55881b87bc39f6e2c8a49ff76 Mon Sep 17 00:00:00 2001 +From: =?utf-8?q?Magnus=20Vigerl=C3=B6f?= <Magnus.Vigerlof@ipbo.se> +Date: Sat, 2 Feb 2008 22:44:31 +0100 +Subject: [PATCH] dix: Always add valuator information if present + +Send valuator information for all event types, not only for +MotionEvents and absolute button events. +(cherry picked from commit 12e532403210c15a25200ef448bfe9701735ab20) +--- + dix/getevents.c | 7 ++----- + 1 files changed, 2 insertions(+), 5 deletions(-) + +diff --git a/dix/getevents.c b/dix/getevents.c +index b7ba69b..36c1bcf 100644 +--- a/dix/getevents.c ++++ b/dix/getevents.c +@@ -523,9 +523,6 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + int num_events = 0, final_valuator = 0; + CARD32 ms = 0; + deviceKeyButtonPointer *kbp = NULL; +- /* Thanks to a broken lib, we _always_ have to chase DeviceMotionNotifies +- * with DeviceValuators. */ +- Bool sendValuators = (type == MotionNotify || flags & POINTER_ABSOLUTE); + DeviceIntPtr cp = inputInfo.pointer; + int x = 0, y = 0; + Bool coreOnly = (pDev == inputInfo.pointer); +@@ -551,7 +548,7 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + return 0; + + /* Do we need to send a DeviceValuator event? */ +- if (!coreOnly && sendValuators) { ++ if (!coreOnly && num_valuators) { + if ((((num_valuators - 1) / 6) + 1) > MAX_VALUATOR_EVENTS) + num_valuators = MAX_VALUATOR_EVENTS * 6; + num_events += ((num_valuators - 1) / 6) + 1; +@@ -682,7 +679,7 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + kbp->root_y = y; + + events++; +- if (sendValuators) { ++ if (num_valuators) { + kbp->deviceid |= MORE_EVENTS; + clipValuators(pDev, first_valuator, num_valuators, valuators); + events = getValuatorEvents(events, pDev, first_valuator, +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0039-Bug-10324-dix-Allow-arbitrary-value-ranges-in-Ge.patch b/x11-base/xorg-server/files/1.4.0.90/0039-Bug-10324-dix-Allow-arbitrary-value-ranges-in-Ge.patch new file mode 100644 index 000000000000..7bcedb804e64 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0039-Bug-10324-dix-Allow-arbitrary-value-ranges-in-Ge.patch @@ -0,0 +1,40 @@ +From 1d79ba8193e9584370ffaaa8dffb4db604125dea Mon Sep 17 00:00:00 2001 +From: =?utf-8?q?Magnus=20Vigerl=C3=B6f?= <Magnus.Vigerlof@ipbo.se> +Date: Sat, 2 Feb 2008 22:45:31 +0100 +Subject: [PATCH] Bug # 10324: dix: Allow arbitrary value ranges in GetPointerEvents + +Don't use a possitive value as a marker for if a max-value +is defined on the valuators. Use the existence of a valid +value range instead. This will also make it possible to +define arbitrary start and end-values for min and max as +long as min < max. +(cherry picked from commit f04c0838699f1a733735838e74cfbb1677b15dc4) +--- + dix/getevents.c | 11 +++++++---- + 1 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/dix/getevents.c b/dix/getevents.c +index 36c1bcf..8595eaf 100644 +--- a/dix/getevents.c ++++ b/dix/getevents.c +@@ -306,10 +306,13 @@ clipAxis(DeviceIntPtr pDev, int axisNum, int *val) + { + AxisInfoPtr axes = pDev->valuator->axes + axisNum; + +- if (*val < axes->min_value) +- *val = axes->min_value; +- if (axes->max_value >= 0 && *val > axes->max_value) +- *val = axes->max_value; ++ /* No clipping if the value-range <= 0 */ ++ if(axes->min_value < axes->min_value) { ++ if (*val < axes->min_value) ++ *val = axes->min_value; ++ if (*val > axes->max_value) ++ *val = axes->max_value; ++ } + } + + /** +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0040-Bug-10324-dix-Add-scaling-of-X-and-Y-on-the-repo.patch b/x11-base/xorg-server/files/1.4.0.90/0040-Bug-10324-dix-Add-scaling-of-X-and-Y-on-the-repo.patch new file mode 100644 index 000000000000..560aad1f7957 --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0040-Bug-10324-dix-Add-scaling-of-X-and-Y-on-the-repo.patch @@ -0,0 +1,173 @@ +From b51ca35a7578b64190f663dc825d7fb551b92e73 Mon Sep 17 00:00:00 2001 +From: =?utf-8?q?Magnus=20Vigerl=C3=B6f?= <Magnus.Vigerlof@ipbo.se> +Date: Sat, 2 Feb 2008 22:57:32 +0100 +Subject: [PATCH] Bug # 10324: dix: Add scaling of X and Y on the reported pointer-events + +Restore the rescaling code for x and y axis when generating +motion events. +(cherry picked from commit d9e23c4ff1607a62164b34717ef9afd352ce2b94) +--- + dix/getevents.c | 97 +++++++++++++++++++++++++++++++++++++++++++------------ + 1 files changed, 76 insertions(+), 21 deletions(-) + +diff --git a/dix/getevents.c b/dix/getevents.c +index 8595eaf..e0bc326 100644 +--- a/dix/getevents.c ++++ b/dix/getevents.c +@@ -529,6 +529,7 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + DeviceIntPtr cp = inputInfo.pointer; + int x = 0, y = 0; + Bool coreOnly = (pDev == inputInfo.pointer); ++ ScreenPtr scr = miPointerGetScreen(pDev); + + /* Sanity checks. */ + if (type != MotionNotify && type != ButtonPress && type != ButtonRelease) +@@ -572,20 +573,39 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + x = valuators[0]; + } + else { +- if (pDev->coreEvents) +- x = cp->valuator->lastx; +- else +- x = pDev->valuator->lastx; ++ /* If we're sending core events but didn't provide a value, ++ * translate the core value (but use the device coord if ++ * it translates to the same coord to preserve sub-pixel ++ * coord information). If we're not sending core events use ++ * whatever value we have */ ++ x = pDev->valuator->lastx; ++ if(pDev->coreEvents) { ++ int min = pDev->valuator->axes[0].min_value; ++ int max = pDev->valuator->axes[0].max_value; ++ if(min < max) { ++ if((int)((float)(x-min)*scr->width/(max-min+1)) != cp->valuator->lastx) ++ x = (int)((float)(cp->valuator->lastx)*(max-min+1)/scr->width)+min; ++ } ++ else ++ x = cp->valuator->lastx; ++ } + } + + if (first_valuator <= 1 && num_valuators >= (2 - first_valuator)) { + y = valuators[1 - first_valuator]; + } + else { +- if (pDev->coreEvents) +- y = cp->valuator->lasty; +- else +- y = pDev->valuator->lasty; ++ y = pDev->valuator->lasty; ++ if(pDev->coreEvents) { ++ int min = pDev->valuator->axes[1].min_value; ++ int max = pDev->valuator->axes[1].max_value; ++ if(min < max) { ++ if((int)((float)(y-min)*scr->height/(max-min+1)) != cp->valuator->lasty) ++ y = (int)((float)(cp->valuator->lasty)*(max-min+1)/scr->height)+min; ++ } ++ else ++ y = cp->valuator->lasty; ++ } + } + } + else { +@@ -594,15 +614,35 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + valuators); + + if (pDev->coreEvents) { +- if (first_valuator == 0 && num_valuators >= 1) +- x = cp->valuator->lastx + valuators[0]; ++ /* Get and convert the core pointer coordinate space into ++ * device coordinates. Use the device coords if it translates ++ * into the same position as the core to preserve relative sub- ++ * pixel movements from the device. */ ++ int min = pDev->valuator->axes[0].min_value; ++ int max = pDev->valuator->axes[0].max_value; ++ if(min < max) { ++ x = pDev->valuator->lastx; ++ if((int)((float)(x-min)*scr->width/(max-min+1)) != cp->valuator->lastx) ++ x = (int)((float)(cp->valuator->lastx)*(max-min+1)/scr->width)+min; ++ } + else + x = cp->valuator->lastx; + +- if (first_valuator <= 1 && num_valuators >= (2 - first_valuator)) +- y = cp->valuator->lasty + valuators[1 - first_valuator]; ++ min = pDev->valuator->axes[1].min_value; ++ max = pDev->valuator->axes[1].max_value; ++ if(min < max) { ++ y = pDev->valuator->lasty; ++ if((int)((float)(y-min)*scr->height/(max-min+1)) != cp->valuator->lasty) ++ y = (int)((float)(cp->valuator->lasty)*(max-min+1)/scr->height)+min; ++ } + else + y = cp->valuator->lasty; ++ ++ /* Add relative movement */ ++ if (first_valuator == 0 && num_valuators >= 1) ++ x += valuators[0]; ++ if (first_valuator <= 1 && num_valuators >= (2 - first_valuator)) ++ y += valuators[1 - first_valuator]; + } + else { + if (first_valuator == 0 && num_valuators >= 1) +@@ -621,11 +661,6 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + clipAxis(pDev, 0, &x); + clipAxis(pDev, 1, &y); + +- /* This takes care of crossing screens for us, as well as clipping +- * to the current screen. Right now, we only have one history buffer, +- * so we don't set this for both the device and core.*/ +- miPointerSetPosition(pDev, &x, &y, ms); +- + /* Drop x and y back into the valuators list, if they were originally + * present. */ + if (first_valuator == 0 && num_valuators >= 1) +@@ -635,12 +670,32 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + + updateMotionHistory(pDev, ms, first_valuator, num_valuators, valuators); + ++ pDev->valuator->lastx = x; ++ pDev->valuator->lasty = y; ++ /* Convert the dev coord back to screen coord if we're ++ * sending core events */ ++ if (pDev->coreEvents) { ++ int min = pDev->valuator->axes[0].min_value; ++ int max = pDev->valuator->axes[0].max_value; ++ if(min < max) ++ x = (int)((float)(x-min)*scr->width/(max-min+1)); ++ cp->valuator->lastx = x; ++ min = pDev->valuator->axes[1].min_value; ++ max = pDev->valuator->axes[1].max_value; ++ if(min < max) ++ y = (int)((float)(y-min)*scr->height/(max-min+1)); ++ cp->valuator->lasty = y; ++ } ++ ++ /* This takes care of crossing screens for us, as well as clipping ++ * to the current screen. Right now, we only have one history buffer, ++ * so we don't set this for both the device and core.*/ ++ miPointerSetPosition(pDev, &x, &y, ms); ++ + if (pDev->coreEvents) { + cp->valuator->lastx = x; + cp->valuator->lasty = y; + } +- pDev->valuator->lastx = x; +- pDev->valuator->lasty = y; + + /* for some reason inputInfo.pointer does not have coreEvents set */ + if (coreOnly || pDev->coreEvents) { +@@ -678,8 +733,8 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + kbp->detail = pDev->button->map[buttons]; + } + +- kbp->root_x = x; +- kbp->root_y = y; ++ kbp->root_x = pDev->valuator->lastx; ++ kbp->root_y = pDev->valuator->lasty; + + events++; + if (num_valuators) { +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0041-dix-Skip-call-to-clipAxis-for-relative-core-events.patch b/x11-base/xorg-server/files/1.4.0.90/0041-dix-Skip-call-to-clipAxis-for-relative-core-events.patch new file mode 100644 index 000000000000..b9e56ce3733c --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0041-dix-Skip-call-to-clipAxis-for-relative-core-events.patch @@ -0,0 +1,93 @@ +From a68d0ef4a65bcd52c52ba54e6925082a9145fad3 Mon Sep 17 00:00:00 2001 +From: =?utf-8?q?Magnus=20Vigerl=C3=B6f?= <Magnus.Vigerlof@ipbo.se> +Date: Sat, 2 Feb 2008 23:03:51 +0100 +Subject: [PATCH] dix: Skip call to clipAxis for relative core-events + +Relative events that generates both core and extention +events will have its axis cliped and screen changed by +miPointerSetPosition when the events are processed. For +absolute and non core-generating relative events the +axis must be clipped if we shouldn't end up completely +outside the defined ranges (if any). +(cherry picked from commit a0284d577aabea8406b72dd63773e341430ebe56) +--- + dix/getevents.c | 44 +++++++++++++++++++++++++++++++++----------- + 1 files changed, 33 insertions(+), 11 deletions(-) + +diff --git a/dix/getevents.c b/dix/getevents.c +index e0bc326..c33371b 100644 +--- a/dix/getevents.c ++++ b/dix/getevents.c +@@ -607,6 +607,10 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + y = cp->valuator->lasty; + } + } ++ ++ /* Clip both x and y to the defined limits (usually co-ord space limit). */ ++ clipAxis(pDev, 0, &x); ++ clipAxis(pDev, 1, &y); + } + else { + if (flags & POINTER_ACCELERATE) +@@ -645,22 +649,22 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + y += valuators[1 - first_valuator]; + } + else { ++ x = pDev->valuator->lastx; ++ y = pDev->valuator->lasty; + if (first_valuator == 0 && num_valuators >= 1) +- x = pDev->valuator->lastx + valuators[0]; +- else +- x = pDev->valuator->lastx; +- ++ x += valuators[0]; + if (first_valuator <= 1 && num_valuators >= (2 - first_valuator)) +- y = pDev->valuator->lasty + valuators[1 - first_valuator]; +- else +- y = pDev->valuator->lasty; ++ y += valuators[1 - first_valuator]; ++ ++ if(!coreOnly) { ++ /* Since we're not sending core-events we must clip both x and y ++ * to the defined limits so we don't run outside the box. */ ++ clipAxis(pDev, 0, &x); ++ clipAxis(pDev, 1, &y); ++ } + } + } + +- /* Clip both x and y to the defined limits (usually co-ord space limit). */ +- clipAxis(pDev, 0, &x); +- clipAxis(pDev, 1, &y); +- + /* Drop x and y back into the valuators list, if they were originally + * present. */ + if (first_valuator == 0 && num_valuators >= 1) +@@ -693,6 +697,24 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + miPointerSetPosition(pDev, &x, &y, ms); + + if (pDev->coreEvents) { ++ /* miPointerSetPosition may have changed screen */ ++ scr = miPointerGetScreen(pDev); ++ if(x != cp->valuator->lastx) { ++ int min = pDev->valuator->axes[0].min_value; ++ int max = pDev->valuator->axes[0].max_value; ++ cp->valuator->lastx = pDev->valuator->lastx = x; ++ if(min < max) ++ pDev->valuator->lastx = (int)((float)(x)*(max-min+1)/scr->width)+min; ++ } ++ if(y != cp->valuator->lasty) { ++ int min = pDev->valuator->axes[1].min_value; ++ int max = pDev->valuator->axes[1].max_value; ++ cp->valuator->lasty = pDev->valuator->lasty = y; ++ if(min < max) ++ pDev->valuator->lasty = (int)((float)(y)*(max-min+1)/scr->height)+min; ++ } ++ } ++ else if (coreOnly) { + cp->valuator->lastx = x; + cp->valuator->lasty = y; + } +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0042-dix-Move-motion-history-update-until-after-screen-c.patch b/x11-base/xorg-server/files/1.4.0.90/0042-dix-Move-motion-history-update-until-after-screen-c.patch new file mode 100644 index 000000000000..766c9f2fe42d --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0042-dix-Move-motion-history-update-until-after-screen-c.patch @@ -0,0 +1,51 @@ +From b1145a6b428db2037c79ffb36116e7183f30829f Mon Sep 17 00:00:00 2001 +From: =?utf-8?q?Magnus=20Vigerl=C3=B6f?= <Magnus.Vigerlof@ipbo.se> +Date: Sat, 2 Feb 2008 23:04:46 +0100 +Subject: [PATCH] dix: Move motion history update until after screen crossing and clipping + +Cross screen and clip the coordinates before updating the motion history +so that it will have the same contents as the events that are reported. +(cherry picked from commit a56ef7aaa4b6ac13c8181f68fc7dad3ca89e6973) +--- + dix/getevents.c | 18 +++++++++--------- + 1 files changed, 9 insertions(+), 9 deletions(-) + +diff --git a/dix/getevents.c b/dix/getevents.c +index c33371b..d0fe2db 100644 +--- a/dix/getevents.c ++++ b/dix/getevents.c +@@ -665,15 +665,6 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + } + } + +- /* Drop x and y back into the valuators list, if they were originally +- * present. */ +- if (first_valuator == 0 && num_valuators >= 1) +- valuators[0] = x; +- if (first_valuator <= 1 && num_valuators >= (2 - first_valuator)) +- valuators[1 - first_valuator] = y; +- +- updateMotionHistory(pDev, ms, first_valuator, num_valuators, valuators); +- + pDev->valuator->lastx = x; + pDev->valuator->lasty = y; + /* Convert the dev coord back to screen coord if we're +@@ -719,6 +710,15 @@ GetPointerEvents(xEvent *events, DeviceIntPtr pDev, int type, int buttons, + cp->valuator->lasty = y; + } + ++ /* Drop x and y back into the valuators list, if they were originally ++ * present. */ ++ if (first_valuator == 0 && num_valuators >= 1) ++ valuators[0] = pDev->valuator->lastx; ++ if (first_valuator <= 1 && num_valuators >= (2 - first_valuator)) ++ valuators[1 - first_valuator] = pDev->valuator->lasty; ++ ++ updateMotionHistory(pDev, ms, first_valuator, num_valuators, valuators); ++ + /* for some reason inputInfo.pointer does not have coreEvents set */ + if (coreOnly || pDev->coreEvents) { + events->u.u.type = type; +-- +1.5.5.1 + diff --git a/x11-base/xorg-server/files/1.4.0.90/0043-XKB-Actually-explain-keymap-failures.patch b/x11-base/xorg-server/files/1.4.0.90/0043-XKB-Actually-explain-keymap-failures.patch new file mode 100644 index 000000000000..14ac3f9d448b --- /dev/null +++ b/x11-base/xorg-server/files/1.4.0.90/0043-XKB-Actually-explain-keymap-failures.patch @@ -0,0 +1,145 @@ +From 104048501f37b139d4113562ef1711978cc76018 Mon Sep 17 00:00:00 2001 +From: Daniel Stone <daniel@fooishbar.org> +Date: Wed, 7 May 2008 23:11:31 +0300 +Subject: [PATCH] XKB: Actually explain keymap failures + +When something went wrong building a keymap, try to explain to the user +what it actually was, instead of the dreaded 'Failed to load XKB keymap' +catch-all. +(cherry picked from commit cf20df39cc78203d17b99223908af388ecbf7d0e) + +Conflicts: + xkb/ddxLoad.c +--- + xkb/ddxLoad.c | 69 ++++++++++++++++++++++++++++----------------------------- + 1 files changed, 34 insertions(+), 35 deletions(-) + +diff --git a/xkb/ddxLoad.c b/xkb/ddxLoad.c +index d79ae7a..ea9c3ff 100644 +--- a/xkb/ddxLoad.c ++++ b/xkb/ddxLoad.c +@@ -385,24 +385,20 @@ char tmpname[PATH_MAX]; + xfree (buf); + return True; + } +-#ifdef DEBUG + else +- ErrorF("Error compiling keymap (%s)\n",keymap); +-#endif ++ LogMessage(X_ERROR, "Error compiling keymap (%s)\n", keymap); + #ifdef WIN32 + /* remove the temporary file */ + unlink(tmpname); + #endif + } +-#ifdef DEBUG + else { + #ifndef WIN32 +- ErrorF("Could not invoke keymap compiler\n"); ++ LogMessage(X_ERROR, "XKB: Could not invoke xkbcomp\n"); + #else +- ErrorF("Could not open file %s\n", tmpname); ++ LogMessage(X_ERROR, "Could not open file %s\n", tmpname); + #endif + } +-#endif + if (nameRtrn) + nameRtrn[0]= '\0'; + if (buf != NULL) +@@ -477,17 +473,14 @@ unsigned missing; + return 0; + } + else if (!XkbDDXCompileNamedKeymap(xkb,names,nameRtrn,nameRtrnLen)) { +-#ifdef NOISY +- ErrorF("Couldn't compile keymap file\n"); +-#endif ++ LogMessage(X_ERROR, "Couldn't compile keymap file %s\n", ++ names->keymap); + return 0; + } + } + else if (!XkbDDXCompileKeymapByNames(xkb,names,want,need, +- nameRtrn,nameRtrnLen)){ +-#ifdef NOISY +- ErrorF("Couldn't compile keymap file\n"); +-#endif ++ nameRtrn,nameRtrnLen)){ ++ LogMessage(X_ERROR, "XKB: Couldn't compile keymap\n"); + return 0; + } + file= XkbDDXOpenConfigFile(nameRtrn,fileName,PATH_MAX); +@@ -502,11 +495,9 @@ unsigned missing; + (void) unlink (fileName); + return 0; + } +-#ifdef DEBUG +- else if (xkbDebugFlags) { +- ErrorF("Loaded %s, defined=0x%x\n",fileName,finfoRtrn->defined); ++ else { ++ DebugF("XKB: Loaded %s, defined=0x%x\n",fileName,finfoRtrn->defined); + } +-#endif + fclose(file); + (void) unlink (fileName); + return (need|want)&(~missing); +@@ -525,32 +516,40 @@ XkbRF_RulesPtr rules; + + if (!rules_name) + return False; +- if (XkbBaseDirectory==NULL) { +- if (strlen(rules_name)+7 > PATH_MAX) +- return False; +- sprintf(buf,"rules/%s",rules_name); +- } +- else { +- if (strlen(XkbBaseDirectory)+strlen(rules_name)+8 > PATH_MAX) +- return False; +- sprintf(buf,"%s/rules/%s",XkbBaseDirectory,rules_name); ++ ++ if (strlen(XkbBaseDirectory) + strlen(rules_name) + 8 > PATH_MAX) { ++ LogMessage(X_ERROR, "XKB: Rules name is too long\n"); ++ return False; + } +- if ((file= fopen(buf,"r"))==NULL) ++ sprintf(buf,"%s/rules/%s", XkbBaseDirectory, rules_name); ++ ++ file = fopen(buf, "r"); ++ if (!file) { ++ LogMessage(X_ERROR, "XKB: Couldn't open rules file %s\n", file); + return False; +- if ((rules= XkbRF_Create(0,0))==NULL) { ++ } ++ ++ rules = XkbRF_Create(0, 0); ++ if (!rules) { ++ LogMessage(X_ERROR, "XKB: Couldn't create rules struct\n"); + fclose(file); + return False; + } +- if (!XkbRF_LoadRules(file,rules)) { ++ ++ if (!XkbRF_LoadRules(file, rules)) { ++ LogMessage(X_ERROR, "XKB: Couldn't parse rules file %s\n", rules_name); + fclose(file); + XkbRF_Free(rules,True); + return False; + } +- bzero((char *)names,sizeof(XkbComponentNamesRec)); +- complete= XkbRF_GetComponents(rules,defs,names); ++ ++ memset(names, 0, sizeof(*names)); ++ complete = XkbRF_GetComponents(rules,defs,names); + fclose(file); +- XkbRF_Free(rules,True); +- return complete; +-} ++ XkbRF_Free(rules, True); + ++ if (!complete) ++ LogMessage(X_ERROR, "XKB: Rules returned no components\n"); + ++ return complete; ++} +-- +1.5.5.1 + |