Permalink
Commits on Oct 14, 2015
  1. fb: Revert fb changes that broke XQuartz

    jeremyhu committed May 31, 2014
        http://bugs.freedesktop.org/show_bug.cgi?id=26124
    
    Revert "Use new pixman_glyph_cache_t API that will be in pixman 0.28.0"
    Revert "fb: Fix origin of source picture in fbGlyphs"
    Revert "fb: Publish fbGlyphs and fbUnrealizeGlyph"
    
    This reverts commit 9cbcb5b.
    This reverts commit 983e303.
    This reverts commit 3c2c59e.
  2. fb: Revert fb changes that broke XQuartz

    jeremyhu committed Feb 13, 2010
    http://bugs.freedesktop.org/show_bug.cgi?id=26124
    
    Revert "Fix source pictures getting random transforms after 2d6a8f6."
    Revert "fb: Adjust transform or composite coordinates for pixman operations"
    
    http://bugs.freedesktop.org/26124
    
    This reverts commit a72c65e.
    This reverts commit a6bd5d2.
    
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>
  3. Use old miTrapezoids and miTriangles routines

    jeremyhu committed Nov 2, 2013
    Reverts commits:
        788ccb9
        566f193
    
    http://xquartz.macosforge.org/trac/ticket/525
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
  4. Workaround the GC clipping problem in miPaintWindow and add some debu…

    jeremyhu committed Apr 30, 2010
    …gging output.
    
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>
  5. sdksyms.sh: Use CPPFLAGS, not CFLAGS

    jeremyhu committed Jan 13, 2012
    CFLAGS can include flags which are not useful to the preprocessor
    or can even cause it to fail.  This fixes a build issue on darwin
    when building for more than one architecture.
    
    Signed-off-by: Jeremy Huddleston <jeremyhu@apple.com>
    Reviewed-by: Keith Packard <keithp@keithp.com>
Commits on Oct 13, 2015
  1. XQuartz: Fix how we calculate the height of the OSX menu bar

    KenThomases authored and jeremyhu committed Oct 12, 2015
    +[NSScreen mainScreen] does not mean the primary display.  It used to mean the
    one with the key window.  When "Displays have separate spaces" is enabled, it
    means the active screen, the one whose menu bar is mostly opaque.  As such, it
    may not be the screen whose lower-left corner is located at (0, 0).  That's
    why its max-Y is not necessarily comparable to its height.  That only works
    for the primary display.
    
    This code could use [[NSScreen screens] firstObject].  This is always the
    primary display, the one whose lower-left corner is at (0, 0).
    
    Once that's done, the above change should be reverted.  The height of the
    visible frame would be the full height of the screen minus the menu bar _and
    the Dock_ if the Dock is along the bottom of the screen.
    
    Actually, there's a theoretically-simpler approach: use
    -[NSMenu menuBarHeight].  That replaces a long-deprecated method
    +[NSMenuView menuBarHeight].  However, there was a bug in Tiger that led to
    the former not working while the latter still worked. I haven't actually
    checked recently.
    
    CrossOver's still-kicking X server code uses this code, which tries all of
    the above:
    
           NSScreen* primaryScreen = [[NSScreen screens] objectAtIndex:0];
           aquaMenuBarHeight = [[NSApp mainMenu] menuBarHeight];
           if (!aquaMenuBarHeight) aquaMenuBarHeight = [NSMenuView menuBarHeight];
           if (!aquaMenuBarHeight) aquaMenuBarHeight =
               NSHeight([primaryScreen frame]) - NSMaxY([primaryScreen visibleFrame]);
    
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    Signed-off-by: Ken Thomases <ken@codeweavers.com>
    (cherry picked from commit 4513f92)
  2. XQuartz: Remove InfoPlist.strings

    jeremyhu committed Oct 12, 2015
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    (cherry picked from commit 6e6827a)
  3. XQuartz: Relax App Transport Security for communicating with the upda…

    jeremyhu committed Oct 12, 2015
    …te server
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    (cherry picked from commit df80e26)
  4. XQuartz: Silence -Wformat-security for NSRunAlertPanel

    jeremyhu committed Jun 10, 2015
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    (cherry picked from commit 9003a3e)
  5. XQuartz: Silence -Wunused-function

    jeremyhu committed Jun 10, 2015
    quartzKeyboard.c:741:1: warning: unused function 'macroman2ucs' [-Wunused-function,Unused Entity Issue]
    macroman2ucs(unsigned char c)
    ^
    1 warning generated.
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    (cherry picked from commit 3a6fa11)
  6. XQuartz: Silence -Wunused-variable

    jeremyhu committed Jun 10, 2015
    X11Controller.m:939:9: warning: unused variable 'remain' [-Wunused-variable,Unused Entity Issue]
        int remain;
            ^
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    (cherry picked from commit 9fe7f5c)
  7. XQuartz: Silence -Wpointer-bool-conversion

    jeremyhu committed Jun 10, 2015
    X11Controller.m:417:17: error: address of function 'asl_log_descriptor' will always evaluate to 'true'
          [-Werror,-Wpointer-bool-conversion,Value Conversion Issue]
                if (asl_log_descriptor) {
                ~~  ^~~~~~~~~~~~~~~~~~
    X11Controller.m:417:17: note: prefix with the address-of operator to silence this warning [Semantic Issue]
                if (asl_log_descriptor) {
                    ^
                    &
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    (cherry picked from commit 0b9c324)
Commits on Feb 15, 2015
  1. XQuartz: GLX: Use __glXEnableExtension to build extensions list

    jeremyhu committed Jun 1, 2014
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    (cherry picked from commit 3790001ea29658872aebda00a03170e392b47878)
Commits on Feb 10, 2015
  1. Bump to 1.16.4

    Julien Cristau
    Julien Cristau committed Feb 10, 2015
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  2. xkb: Check strings length against request size

    ofourdan authored and Julien Cristau committed Jan 16, 2015
    Ensure that the given strings length in an XkbSetGeometry request remain
    within the limits of the size of the request.
    
    Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    (cherry picked from commit 20079c3)
    (cherry picked from commit f160e72)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  3. xkb: Don't swap XkbSetGeometry data in the input buffer

    ofourdan authored and Julien Cristau committed Jan 16, 2015
    The XkbSetGeometry request embeds data which needs to be swapped when the
    server and the client have different endianess.
    
    _XkbSetGeometry() invokes functions that swap these data directly in the
    input buffer.
    
    However, ProcXkbSetGeometry() may call _XkbSetGeometry() more than once
    (if there is more than one keyboard), thus causing on swapped clients the
    same data to be swapped twice in memory, further causing a server crash
    because the strings lengths on the second time are way off bounds.
    
    To allow _XkbSetGeometry() to run reliably more than once with swapped
    clients, do not swap the data in the buffer, use variables instead.
    
    Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    (cherry picked from commit 81c90dc)
    (cherry picked from commit 29be310)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
Commits on Jan 31, 2015
  1. dri2: SourceOffloads may be for DRI3 only

    ickle authored and airlied committed Jan 17, 2015
    As a DDX may declare offload support without supporting DRI2
    (because it is using an alternative acceleration mechanism like DRI3),
    when iterating the list of offload_source Screens to find a matching
    DRI2 provider we need to check before assuming it is DRI2 capable.
    
    Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=88514
    Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
    Reviewed-by: Dave Airlie <airlied@redhat.com>
    Signed-off-by: Keith Packard <keithp@keithp.com>
    (cherry picked from commit 0829310)
  2. dix: make RegionInit legal C++

    nwnk authored and airlied committed Jan 5, 2015
    The CVE fix in:
    
        commit 97015a0
        Author: Alan Coopersmith <alan.coopersmith@oracle.com>
        Date:   Wed Jan 22 22:37:15 2014 -0800
    
            dix: integer overflow in RegionSizeof() [CVE-2014-8092 3/4]
    
    offended the C++ demons:
    
    ../../include/regionstr.h:147:45: error: invalid conversion from 'void*' to
    'pixman_region16_data_t* {aka pixman_region16_data*}' [-fpermissive]
    
    Normally this isn't a problem, because around here we have the sense and
    common decency to not use C++, but this does make tigervnc fail to build,
    which is a little rude of us.
    
    Signed-off-by: Adam Jackson <ajax@redhat.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Keith Packard <keithp@keithp.com>
    (cherry picked from commit bb23fbf)
  3. config/udev: Respect seat assignments when assigned devices

    airlied committed Jan 29, 2015
    Jonathan Dieter posted a few patches to do this inside the Xorg
    server but it makes no sense to do it there, just have the code
    we use to probe the device list at startup check seat assignments
    using the same code we check at hotplug time.
    
    Bugilla: https://bugzilla.redhat.com/show_bug.cgi?id=1183654
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Acked-by: Hans de Goede <hdegoede@redhat.com>
    Tested-by: Jonathan Dieter <jdieter@lesbg.com>
    Signed-off-by: Dave Airlie <airlied@redhat.com>
    Signed-off-by: Keith Packard <keithp@keithp.com>
    (cherry picked from commit 697b696)
  4. randr: attempt to fix primary on slave output (v2)

    airlied committed Jan 6, 2015
    If the user wants to set one of the slave devices as
    the primary output, we shouldn't fail to do so,
    we were returning BadMatch which was tripping up
    gnome-settings-daemon and bad things ensues.
    
    Fix all the places we use primaryOutput to work
    out primaryCrtc and take it into a/c when slave
    gpus are in use.
    
    v2: review from Aaron, fix indent, unhide has_primary from
    macro. I left the int vs Bool alone to be consistent with
    code below, a future patch could fix both.
    
    Signed-off-by: Dave Airlie <airlied@redhat.com>
    Reviewed-by: Aaron Plattner <aplattner@nvidia.com>
    Signed-off-by: Keith Packard <keithp@keithp.com>
    (cherry picked from commit df1b401)
  5. os: Fix timer race conditions

    nmahale authored and airlied committed Jan 25, 2015
    Fixing following kind of race-conditions -
    
        WaitForSomething()
        |
        ---->  // timers -> timer-1 -> timer-2 -> null
               while (timers && (int) (timers->expires - now) <= 0)
                   // prototype - DoTimer(OsTimerPtr timer, CARD32 now, OsTimerPtr *prev)
                   DoTimer(timers, now, &timers)
                   |
                   |
                   ----> OsBlockSignals();  .... OS Signal comes just before blocking it,
                                            .... timer-1 handler gets called.
                                                 // timer-1 gets served and scheduled again;
                                                 // timers -> timer-2 -> timer-1 -> null
                                            ....
                         *prev = timer->next;
                          timer->next = NULL;   // timers -> null
                          // timers list gets corrupted here and timer-2 gets removed from list.
    
    Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=86288
    Signed-off-by: Nikhil Mahale <nmahale@nvidia.com>
    Reviewed-by: Julien Cristau <jcristau@debian.org>
    
    v2: Apply warning fixes from Keith Packard <keithp@keithp.com>
    
    Reviewed-by: Aaron Plattner <aplattner@nvidia.com>
    Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
    Signed-off-by: Keith Packard <keithp@keithp.com>
    (cherry picked from commit fe4c774)
Commits on Jan 5, 2015
  1. dix: Allow zero-height PutImage requests

    keith-packard authored and Julien Cristau committed Jan 3, 2015
    The length checking code validates PutImage height and byte width by
    making sure that byte-width >= INT32_MAX / height. If height is zero,
    this generates a divide by zero exception. Allow zero height requests
    explicitly, bypassing the INT32_MAX check.
    
    Signed-off-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit dc777c3)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
Commits on Dec 20, 2014
  1. Bump to 1.16.3

    Julien Cristau
    Julien Cristau committed Dec 20, 2014
    Signed-off-by: Julien Cristau <jcristau@debian.org>
Commits on Dec 9, 2014
  1. Bump to 1.16.2.901

    Julien Cristau
    Julien Cristau committed Dec 9, 2014
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  2. dix: GetHosts bounds check using wrong pointer value [CVE-2014-8092 p…

    keith-packard authored and Julien Cristau committed Dec 9, 2014
    …t. 6]
    
    GetHosts saves the pointer to allocated memory in *data, and then
    wants to bounds-check writes to that region, but was mistakenly using
    a bare 'data' instead of '*data'. Also, data is declared as void **,
    so we need a cast to turn it into a byte pointer so we can actually do
    pointer comparisons.
    
    Signed-off-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit 1559a94)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  3. Missing parens in REQUEST_FIXED_SIZE macro [CVE-2014-8092 pt. 5]

    keith-packard authored and Julien Cristau committed Dec 9, 2014
    The 'n' parameter must be surrounded by parens in both places to
    prevent precedence from mis-computing things.
    
    Signed-off-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit 9802a01)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  4. glx: Can't mix declarations and code in X.org sources [CVE-2014-8098 …

    keith-packard authored and Julien Cristau committed Dec 9, 2014
    …pt. 9]
    
    We're using compiler compatibility settings which generate warnings
    when a variable is declared after the first statement.
    
    Signed-off-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit 61b17c0)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  5. dbe: Call to DDX SwapBuffers requires address of int, not unsigned in…

    keith-packard authored and Julien Cristau committed Dec 9, 2014
    …t [CVE-2014-8097 pt. 2]
    
    When the local types used to walk the DBE request were changed, this
    changed the type of the parameter passed to the DDX SwapBuffers API,
    but there wasn't a matching change in the API definition.
    
    At this point, with the API frozen, I just stuck a new variable in
    with the correct type. Because we've already bounds-checked nStuff to
    be smaller than UINT32_MAX / sizeof(DbeSwapInfoRec), we know it will
    fit in a signed int without overflow.
    
    Signed-off-by: Keith Packard <keithp@keithp.com
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit b20912c)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  6. glx: Fix mask truncation in __glXGetAnswerBuffer [CVE-2014-8093 6/6]

    rmorell authored and Julien Cristau committed Nov 13, 2014
    On a system where sizeof(unsigned) != sizeof(intptr_t), the unary
    bitwise not operation will result in a mask that clears all high bits
    from temp_buf in the expression:
            temp_buf = (temp_buf + mask) & ~mask;
    
    Signed-off-by: Robert Morell <rmorell@nvidia.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit 7e7630b)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  7. glx: Pass remaining request length into ->varsize (v2) [CVE-2014-8098…

    nwnk authored and Julien Cristau committed Nov 10, 2014
    … 8/8]
    
    v2: Handle more multiplies in indirect_reqsize.c (Julien Cristau)
    
    Reviewed-by: Julien Cristau <jcristau@debian.org>
    Reviewed-by: Michal Srb <msrb@suse.com>
    Reviewed-by: Andy Ritger <aritger@nvidia.com>
    Signed-off-by: Adam Jackson <ajax@redhat.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit e883c17)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  8. glx: Length checking for non-generated single requests (v2) [CVE-2014…

    nwnk authored and Julien Cristau committed Nov 10, 2014
    …-8098 7/8]
    
    v2:
    Fix single versus vendor-private length checking for ARB_imaging subset
    extensions. (Julien Cristau)
    
    v3:
    Fix single versus vendor-private length checking for ARB_imaging subset
    extensions. (Julien Cristau)
    
    Reviewed-by: Michal Srb <msrb@suse.com>
    Reviewed-by: Andy Ritger <aritger@nvidia.com>
    Signed-off-by: Adam Jackson <ajax@redhat.com>
    Signed-off-by: Julien Cristau <jcristau@debian.org>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit 984583a)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  9. glx: Length-checking for non-generated vendor private requests [CVE-2…

    nwnk authored and Julien Cristau committed Nov 10, 2014
    …014-8098 6/8]
    
    Reviewed-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Michal Srb <msrb@suse.com>
    Reviewed-by: Andy Ritger <aritger@nvidia.com>
    Signed-off-by: Adam Jackson <ajax@redhat.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit 44ba149)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  10. glx: Request length checks for SetClientInfoARB [CVE-2014-8098 5/8]

    nwnk authored and Julien Cristau committed Nov 10, 2014
    Reviewed-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Julien Cristau <jcristau@debian.org>
    Reviewed-by: Michal Srb <msrb@suse.com>
    Reviewed-by: Andy Ritger <aritger@nvidia.com>
    Signed-off-by: Adam Jackson <ajax@redhat.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit afe1770)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  11. glx: Top-level length checking for swapped VendorPrivate requests [CV…

    nwnk authored and Julien Cristau committed Nov 10, 2014
    …E-2014-8098 4/8]
    
    Reviewed-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Julien Cristau <jcristau@debian.org>
    Reviewed-by: Michal Srb <msrb@suse.com>
    Reviewed-by: Andy Ritger <aritger@nvidia.com>
    Signed-off-by: Adam Jackson <ajax@redhat.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit c91e4ab)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
  12. glx: Length checking for RenderLarge requests (v2) [CVE-2014-8098 3/8]

    nwnk authored and Julien Cristau committed Nov 10, 2014
    This is a half-measure until we start passing request length into the
    varsize function, but it's better than the nothing we had before.
    
    v2: Verify that there's at least a large render header's worth of
    dataBytes (Julien Cristau)
    
    Reviewed-by: Michal Srb <msrb@suse.com>
    Reviewed-by: Andy Ritger <aritger@nvidia.com>
    Signed-off-by: Adam Jackson <ajax@redhat.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit a33a939)
    Signed-off-by: Julien Cristau <jcristau@debian.org>
    
    Conflicts:
    	glx/glxcmds.c