Page MenuHomeSolus
Files F10754165

D9369.id22568.diff
No OneTemporary
Actions

D9369.id22568.diff
View Options

diff --git a/files/Fix-size-calculation-in-_XimAttributeToValue.patch b/files/Fix-size-calculation-in-_XimAttributeToValue.patch
new file mode 100644
--- /dev/null
+++ b/files/Fix-size-calculation-in-_XimAttributeToValue.patch
@@ -0,0 +1,51 @@
+From 93fce3f4e79cbc737d6468a4f68ba3de1b83953b Mon Sep 17 00:00:00 2001
+From: Yichao Yu <yyc1992@gmail.com>
+Date: Sun, 2 Aug 2020 13:43:58 -0400
+Subject: [PATCH] Fix size calculation in `_XimAttributeToValue`.
+
+The check here guards the read below.
+For `XimType_XIMStyles`, these are `num` of `CARD32` and for `XimType_XIMHotKeyTriggers`
+these are `num` of `XIMTRIGGERKEY` ref[1] which is defined as 3 x `CARD32`.
+(There are data after the `XIMTRIGGERKEY` according to the spec but they are not read by this
+function and doesn't need to be checked.)
+
+The old code here used the native datatype size instead of the wire protocol size causing
+the check to always fail.
+
+Also fix the size calculation for the header (size). It is 2 x CARD16 for both types
+despite the unused `CARD16` for `XimType_XIMStyles`.
+
+[1] https://www.x.org/releases/X11R7.6/doc/libX11/specs/XIM/xim.html#Input_Method_Styles
+
+This fixes a regression caused by 388b303c62aa35a245f1704211a023440ad2c488 in 1.6.10.
+
+Fix #116
+---
+ modules/im/ximcp/imRmAttr.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/modules/im/ximcp/imRmAttr.c b/modules/im/ximcp/imRmAttr.c
+index 2491908e..919c5564 100644
+--- a/modules/im/ximcp/imRmAttr.c
++++ b/modules/im/ximcp/imRmAttr.c
+@@ -265,7 +265,7 @@ _XimAttributeToValue(
+
+ if (num > (USHRT_MAX / sizeof(XIMStyle)))
+ return False;
+- if ((sizeof(num) + (num * sizeof(XIMStyle))) > data_len)
++ if ((2 * sizeof(CARD16) + (num * sizeof(CARD32))) > data_len)
+ return False;
+ alloc_len = sizeof(XIMStyles) + sizeof(XIMStyle) * num;
+ if (alloc_len < sizeof(XIMStyles))
+@@ -379,7 +379,7 @@ _XimAttributeToValue(
+
+ if (num > (UINT_MAX / sizeof(XIMHotKeyTrigger)))
+ return False;
+- if ((sizeof(num) + (num * sizeof(XIMHotKeyTrigger))) > data_len)
++ if ((2 * sizeof(CARD16) + (num * 3 * sizeof(CARD32))) > data_len)
+ return False;
+ alloc_len = sizeof(XIMHotKeyTriggers)
+ + sizeof(XIMHotKeyTrigger) * num;
+--
+GitLab
+
diff --git a/package.yml b/package.yml
--- a/package.yml
+++ b/package.yml
@@ -1,8 +1,8 @@
name : libx11
-version : 1.6.9
-release : 22
+version : 1.6.10
+release : 23
source :
- - https://www.x.org/releases/individual/lib/libX11-1.6.9.tar.bz2 : 9cc7e8d000d6193fa5af580d50d689380b8287052270f5bb26a5fb6b58b2bed1
+ - https://www.x.org/releases/individual/lib/libX11-1.6.10.tar.bz2 : af48626989b8515c994777896bd7b7ba2bd5b1ef4e1efaee0a55d8852bbe6226
license : MIT
component : xorg.library
summary : Core X11 protocol client library
@@ -22,6 +22,7 @@
- speed
- lto
setup : |
+ %patch -p1 < $pkgfiles/Fix-size-calculation-in-_XimAttributeToValue.patch
%configure --disable-static
build : |
%make
diff --git a/pspec_x86_64.xml b/pspec_x86_64.xml
--- a/pspec_x86_64.xml
+++ b/pspec_x86_64.xml
@@ -2,8 +2,8 @@
<Source>
<Name>libx11</Name>
<Packager>
- <Name>F. von Gellhorn</Name>
- <Email>flinux@vongellhorn.ch</Email>
+ <Name>Pierre-Yves</Name>
+ <Email>pyu@riseup.net</Email>
</Packager>
<License>MIT</License>
<PartOf>xorg.library</PartOf>
@@ -1188,7 +1188,7 @@
</Description>
<PartOf>emul32</PartOf>
<RuntimeDependencies>
- <Dependency release="22">libx11</Dependency>
+ <Dependency release="23">libx11</Dependency>
</RuntimeDependencies>
<Files>
<Path fileType="library">/usr/lib32/libX11-xcb.so.1</Path>
@@ -1204,8 +1204,8 @@
</Description>
<PartOf>programming.devel</PartOf>
<RuntimeDependencies>
- <Dependency release="22">libx11-devel</Dependency>
- <Dependency release="22">libx11-32bit</Dependency>
+ <Dependency release="23">libx11-devel</Dependency>
+ <Dependency release="23">libx11-32bit</Dependency>
</RuntimeDependencies>
<Files>
<Path fileType="library">/usr/lib32/libX11-xcb.so</Path>
@@ -1221,7 +1221,7 @@
</Description>
<PartOf>programming.devel</PartOf>
<RuntimeDependencies>
- <Dependency release="22">libx11</Dependency>
+ <Dependency release="23">libx11</Dependency>
</RuntimeDependencies>
<Files>
<Path fileType="header">/usr/include/X11/ImUtil.h</Path>
@@ -1244,12 +1244,12 @@
</Files>
</Package>
<History>
- <Update release="22">
- <Date>2019-12-03</Date>
- <Version>1.6.9</Version>
+ <Update release="23">
+ <Date>2020-08-03</Date>
+ <Version>1.6.10</Version>
<Comment>Packaging update</Comment>
- <Name>F. von Gellhorn</Name>
- <Email>flinux@vongellhorn.ch</Email>
+ <Name>Pierre-Yves</Name>
+ <Email>pyu@riseup.net</Email>
</Update>
</History>
</PISI>
\ No newline at end of file

File Metadata

Mime Type
text/plain
Expires
May 17 2023, 8:00 PM (12 w, 1 d ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5820810
Default Alt Text
D9369.id22568.diff (5 KB)

Event Timeline

Copyright © 2015-2021 Solus Project. The Solus logo is Copyright © 2016-2021 Solus Project. All Rights Reserved.