Alan Coopersmith d88c66541e dbe: unvalidated lengths in DbeSwapBuffers calls [CVE-2014-8097]
ProcDbeSwapBuffers() has a 32-bit (n) length value that it uses to read
from a buffer. The length is never validated, which can lead to
out-of-bounds reads, and possibly returning the data read from out of
bounds to the misbehaving client via an X Error packet.

SProcDbeSwapBuffers() swaps data (for correct endianness) before
handing it off to the real proc.  While doing the swapping, the
length field is not validated, which can cause memory corruption.

v2: reorder checks to avoid compilers optimizing out checks for overflow
that happen after we'd already have done the overflowing multiplications.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit 2ef42519c4)
Signed-off-by: Julien Cristau <jcristau@debian.org>
2014-12-09 17:50:12 +01:00
composite composite: Fix memory leak in compCopyWindow 2014-04-21 20:56:48 -07:00
config config_odev_add_attribute*: Check for right attribute type 2014-07-14 13:21:30 -07:00
damageext Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
dbe dbe: unvalidated lengths in DbeSwapBuffers calls [CVE-2014-8097] 2014-12-09 17:50:12 +01:00
dix dix: integer overflow in RegionSizeof() [CVE-2014-8092 3/4] 2014-12-09 17:50:12 +01:00
doc doc: Update documentation about Windows platforms support a bit 2012-10-29 12:21:14 +00:00
dri3 dri3: Fix dri3_open API change by adding new dri3_open_client 2014-04-08 13:53:58 -07:00
exa exa: Fix a warning when enabling DEBUG_TRACE_FALL 2014-06-25 11:59:22 -07:00
fb fb: Fix Bresenham algorithms for commonly used small segments. 2014-11-23 17:04:37 +01:00
glamor glamor: Fix temp picture coordinates in glamor_composite_clipped_region 2014-07-18 21:58:25 +02:00
glx glx: check return from __glXGetAnswerBuffer 2014-12-09 17:47:24 +01:00
hw dri2: integer overflow in ProcDRI2GetBuffers() [CVE-2014-8094] 2014-12-09 17:50:12 +01:00
include dix: integer overflow in REQUEST_FIXED_SIZE() [CVE-2014-8092 4/4] 2014-12-09 17:50:12 +01:00
m4 xorg-tls: fix warning, replace AC_TRY_COMPILE with AC_COMPILE_IFELSE 2014-01-22 11:18:42 -08:00
man Add -iglx & +iglx to Xserver.man 2014-12-02 11:31:06 +01:00
mi mieq: Fix a crash regression in mieqProcessDeviceEvent 2014-07-28 11:43:33 -07:00
miext sync: Add a header include necessary to use misyncstr.h 2014-03-17 14:30:45 -07:00
os dix: integer overflow in GetHosts() [CVE-2014-8092 2/4] 2014-12-09 17:50:12 +01:00
present present: Fix use of vsynced pageflips and honor PresentOptionAsync. (v4) 2014-12-09 17:42:02 +01:00
pseudoramiX pseudoramiX: Add _X_ATTRIBUTE_PRINTF attributes to debug functions. 2014-01-27 11:38:34 -08:00
randr rrcrtc: brackets are hard, lets go shopping. 2014-05-12 14:55:04 -07:00
record Clean up a few function prototypes to not place formals in /**/ 2014-01-12 10:24:12 -08:00
render xfixes: Forbid manipulating clip for source-only pictures (#28968) 2014-04-22 07:50:17 -07:00
test mi: don't process events from disabled devices (#77884) 2014-06-04 22:16:28 -07:00
Xext Xext/shm: Detach SHM segment after Pixmap is released 2014-11-01 21:17:41 +01:00
xfixes xfixes: disable cursor on X server reset 2014-06-04 21:32:42 -07:00
Xi Xi: block SIGIOs while copying device classes around 2014-05-23 11:08:17 +10:00
xkb xkb: Verify reads of compiled keymap header and TOC 2014-04-18 16:30:18 -07:00
.dir-locals.el Add .dir-locals.el 2013-08-17 12:17:36 +02:00
.gitignore .gitignore: Add new autotools file 'test-driver' 2014-04-21 13:41:42 -07:00
autogen.sh autogen.sh: Honor NOCONFIGURE=1 2012-10-19 13:12:33 +10:00
configure.ac Bump to 1.16.2 2014-11-10 16:38:52 +01:00
COPYING Shadow: Switch the Amiga/Atari bitplane code to the canonical X.Org license 2013-05-14 14:41:00 -07:00
devbook.am devbook.am: maintenance update from docbook.am 2011-09-21 14:07:52 -07:00
docbook.am docbook.am: embed css styles inside the HTML HEAD element 2011-09-21 14:07:49 -07:00
fix-miregion Change region implementation names to eliminate the 'mi' prefix 2010-06-05 17:47:32 -07:00
fix-miregion-private Change region implementation names to eliminate the 'mi' prefix 2010-06-05 17:47:32 -07:00
fix-patch-whitespace Rename region macros to eliminate screen argument 2010-06-05 18:59:00 -07:00
fix-region Rename region macros to eliminate screen argument 2010-06-05 18:59:00 -07:00
Makefile.am DIST_SUBDIRS needs to include glamor, even if it isn't built 2014-02-13 15:25:56 -08:00
manpages.am Xorg: Add a suid root wrapper 2014-03-12 08:50:05 +01:00
README packaging: provide a default README file #24206 2010-01-27 14:00:17 -08:00
xorg-server.m4 macros: clarify documentation 2012-11-05 13:24:57 -06:00
xorg-server.pc.in xfree86: link modules against Xorg symbols on Cygwin 2012-04-05 21:57:07 -05:00
xserver.ent.in doc: relocate xserver.ent in the package root directory 2011-05-14 11:22:26 -07:00

					X Server

The X server accepts requests from client applications to create windows,
which are (normally rectangular) "virtual screens" that the client program
can draw into.

Windows are then composed on the actual screen by the X server
(or by a separate composite manager) as directed by the window manager,
which usually communicates with the user via graphical controls such as buttons
and draggable titlebars and borders.

For a comprehensive overview of the X server and the X Window System,
consult the following article:
http://en.wikipedia.org/wiki/X_server

All questions regarding this software should be directed at the
Xorg mailing list:

        http://lists.freedesktop.org/mailman/listinfo/xorg

Please submit bug reports to the Xorg bugzilla:

        https://bugs.freedesktop.org/enter_bug.cgi?product=xorg

The master development code repository can be found at:

        git://anongit.freedesktop.org/git/xorg/xserver

        http://cgit.freedesktop.org/xorg/xserver

For patch submission instructions, see:

        http://www.x.org/wiki/Development/Documentation/SubmittingPatches

For more information on the git code manager, see:

        http://wiki.x.org/wiki/GitPage