When the format is `Pixmap` it calculates the size of the image data as:
ROUNDUP((bits_per_pixel * width), image->bitmap_pad);
There is no validation on the `width` of the image, and so this
calculation exceeds the capacity of a 4-byte integer, causing an overflow.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
The CreatePixmap request specifies height & width of the image as CARD16
(unsigned 16-bit integer), so if either is larger than that, set it to 0
so the X server returns a BadValue error as the protocol requires.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
The PutImage request specifies height & width of the image as CARD16
(unsigned 16-bit integer), same as the maximum dimensions of an X11
Drawable, which the image is being copied to.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
When splitting a single line of pixels into chunks to send to the
X server, be sure to take into account the number of bits per pixel,
so we don't just loop forever trying to send more pixels than fit in
the given request size and not breaking them down into a small enough
chunk to fix.
Fixes: "almost complete rewrite" (Dec. 12, 1987) from X11R2
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Make sure we allocate enough memory in the first place, and
also handle error returns from _XkbReadBufferCopyKeySyms() when
it detects out-of-bounds issues.
Reported-by: Gregory James DUCK <gjduck@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Other code assumes this pointer cannot be NULL, so fail the connection
if a bug has caused the X server to give a non-existent visual ID for
the default visual of any screen.
Reported-by: Gregory James DUCK <gjduck@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
The dagger symbol has several modern uses such as marking someone as
dead or something as extinct. Historically it has been used to indicate
a footnote.
When Ghana, Nigeria, Costa Rica and El Salvador have compose sequences
for their currency symbols (cedi: `₵`, naira: `₦`, colón: `₡`), then
Paraguay, Laos, and Mongolia deserve to have such sequences as well.
The sequences should be obvious: the relevant capital letter of the
name of the currency (G, K, T) plus a vertical bar, a minus sign,
and an equals sign, respectively.
Also add two sequences for `$` (the dollar sign), for consistency.
Drop the tentative comments for drachma, penny, and austral, as those
currencies have been obsolete for more than twenty years.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
As a cent is a small coin, it makes no sense to use an uppercase letter
to compose the `¢` symbol -- having four sequences with a lowercase `c`
plus a `bar` or a `slash` available for composing `¢` should be enough.
Use the sequence `<C> <bar` (with the uppercase `C`) for composing `₵`
(the CEDI SIGN) instead.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
Only a few keyboard layouts contain the `dead_iota` keysym, and none
of those layouts contains the `acute` keysym, so compose sequences
that combine the two symbols cannot be typed and are thus useless.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
Implementation had "Key" twice in these macro names,
but the docs had only listed it once.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Add comments for the Khmer digraphs, correct the comments for the
Arabic lam-alef decompositions, and normalize the comments for the
Breton digraphs and trigraphs.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
Replace the "WITH" with "plus" and lowercase the "AND" in the comments
for sequences with combining accents, to make it slightly clearer that
the resulting string consists of multiple code points. Also, use the
word "COMBINING" in the names of the accents, so that these sequences
can be easily grepped, and drop the redundant word "ACCENT".
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
there is no function XkbSetBounceKeysDelay().
It is listed in the specs but never implemented if someone
does it, feel free to get the file back.
closes issue #105
* Two compose sequences containing `leftshoe` and `rightshoe` are
dropped as no keyboard layout uses these keysyms.
* The compose sequences for `therefore` and `because` in the APL
block are moved to ascending Unicode order.
* The comments for the compose sequences for `U2299` are corrected to
more accurately reflect its sequence nodes and its real name in
Unicode.
The letters `Ǫ` (U+01EA, O with ogonek), `Ȩ` (U+0228, E with cedilla),
`Ȯ` (U+022E, O with dot above), `Ạ` (U+1EA0, A with dot below), and
their lowercase forms do not occur in any layout of xkeyboard-config,
meaning that the compose sequences that contained these letters could
not be typed. Delete their dead weight.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
Composing ¥ with Y and a minus sign seems to have been added in analogy
to composing £ with L and a minus sign. But ¥ clearly has a double line
through it, so using the equals sign for this is far more logical (and
those compose sequences of course exist). Also, L plus an equals sign
produces ₤ (lira), not £ (sterling). So... make these sequences more
consistent and allow composing ¥ only with Y/y plus an equals sign.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
For the Cyrillic YU with combining acute accent, the string between
the quotes contained two U+0301 code points, whereas one is enough,
like for all the neighboring strings.
(This duplication was found by accident with `nano --mini --cons`.)
Fixes CVE-2023-3138: X servers could return values from XQueryExtension
that would cause Xlib to write entries out-of-bounds of the arrays to
store them, though this would only overwrite other parts of the Display
struct, not outside the bounds allocated for that structure.
Reported-by: Gregory James DUCK <gjduck@gmail.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
First: combining diacritics like the combining long solidus (`U+0338`)
are not meant to be used in compose sequences. Second: there is just
one layout in xkeyboard-config that contains the `U0338` character:
the deprecated/obsolete German T3 layout. So, practically speaking,
these compose sequences with `U0338` were untypable. So, use a slash
instead, that almost all layouts have. This does require that the
sequence `<Compose> <less> <slash>` changes its meaning from backslash
to not-less-than (`≮`). This seems like an acceptable sacrifice, as
the sequence `<Compose> <slash> <slash>` is a faster/easier sequence
for the backslash and most layouts contain a backslash already anyway.
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
None of the layouts in xkeyboard-config contain `Ohook` or `Uhook`
or `U+01D3` (U with caron) nor their lowercase forms, so these six
sequences cannot be typed on any known keyboard.
(Also, the target characters of the sequences with hook and horn
seem to occur only in Vietnamese, where the horn is part of the
vowel and the hook is a tonal mark. All Vietnamese layouts in
xkeyboard-config contain `Ohorn` and `Uhorn`, and then the five
tonal marks as dead keys, `dead_hook` among them. It does not
make sense to want to apply a horn to a vowel that already has
a tonal mark, nor is it possible with the Vietnamese layouts.)
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
Last year, commit 488b156fe2 changed mistaken ASCII characters to the
code points that were actually used in the Ethiopian keyboard layout.
But those code points were mistaken too: the intention was not to use
the code point U+FE68 in the layout but the raw symbol code 0xfe68 --
and so on for the other codes. The symbols that these raw codes were
intended to refer to were `dead_a` and friends. But these dead vowels
were added under different codes: 0xfe80 to 0xfe8b.
So, correct the Amharic compose sequences to make use of the dead-vowel
symbols that were specifically added for them fifteen years ago.
(As soon as this is merged, xkeyboard-config wil be changed too to use
the dead vowels in the Ethiopian layout.)
Signed-off-by: Benno Schulenberg <bensberg@telfort.nl>
This sequence has already been defined in the iso8859-9e compose
file meant for the Azerbaijani locale, yet for the longest time, only
the lowercase form has existed in the en_US.UTF-8 master compose
file. This patch adds one sequence for Latin Capital Letter Schwa for
the Azerbaijani language.
Additionally, the sequence in the pt_BR.UTF-8 locale for capital
schwa has been removed as it uses two lowercase e's as part of its
sequence, which in practice would make typing both `Multi_key e e`
and `Multi_key E E` output capital schwa.
