commit xorg-x11-server for openSUSE:Factory
Hello community, here is the log from the commit of package xorg-x11-server for openSUSE:Factory checked in at Fri Mar 18 09:51:13 CET 2011. -------- --- xorg-x11-server/xorg-x11-server.changes 2011-02-26 11:57:51.000000000 +0100 +++ /mounts/work_src_done/STABLE/xorg-x11-server/xorg-x11-server.changes 2011-03-17 18:02:04.000000000 +0100 @@ -1,0 +2,14 @@ +Thu Mar 17 16:55:16 UTC 2011 - sndirsch@novell.com + +- Replace-malloc-with-calloc-to-initialize-the-buffers.patch + * Replace malloc with calloc to initialize the buffers[] as NULL + in do_get_buffers function (bnc #673595) + +------------------------------------------------------------------- +Thu Mar 17 13:35:55 UTC 2011 - sndirsch@novell.com + +- record-avoid-crash-when-calling-RecordFlushReplyBuff.patch + * record: avoid crash when calling RecordFlushReplyBuffer + recursively (bnc #673575) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- Replace-malloc-with-calloc-to-initialize-the-buffers.patch record-avoid-crash-when-calling-RecordFlushReplyBuff.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xorg-x11-server.spec ++++++ --- /var/tmp/diff_new_pack.lOJAvN/_old 2011-03-18 09:48:51.000000000 +0100 +++ /var/tmp/diff_new_pack.lOJAvN/_new 2011-03-18 09:48:51.000000000 +0100 @@ -32,7 +32,7 @@ %endif Url: http://xorg.freedesktop.org/ Version: 7.6_%{dirsuffix} -Release: 18 +Release: 19 License: GPLv2+ ; MIT License (or similar) BuildRoot: %{_tmppath}/%{name}-%{version}-build Group: System/X11/Servers/XF86_4 @@ -122,6 +122,8 @@ Patch223: use-last-screen.patch Patch224: pad-size-of-system-memory-copy-for-1x1-pixmaps Patch225: xorg-server-stop-cpu-eating.diff +Patch226: record-avoid-crash-when-calling-RecordFlushReplyBuff.patch +Patch227: Replace-malloc-with-calloc-to-initialize-the-buffers.patch %if %moblin Patch300: moblin-use_preferred_mode_for_all_outputs.diff %endif @@ -255,6 +257,8 @@ %patch223 -p1 %patch224 -p1 %patch225 -p1 +%patch226 -p1 +%patch227 -p1 %if %moblin %patch300 -p1 %endif ++++++ Replace-malloc-with-calloc-to-initialize-the-buffers.patch ++++++
From a73c28f0bdafb1c5cb8129179188a99c0ca052e2 Mon Sep 17 00:00:00 2001 From: Justin Dou
Date: Thu, 10 Feb 2011 16:27:29 -0500 Subject: [PATCH] Replace malloc with calloc to initialize the buffers[] as NULL in do_get_buffers function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
The calling for allocate_or_reuse_buffer may fail due to some reason, e.g. out of memory.
If the buffers[] were not initialized to be NULL, the following err_out may try to access an illegal memory, which will cause X crash afterward.
Reviewed-by: Kristian Høgsberg
From 0801afbd7c2c644c672b37f8463f1a0cbadebd2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Erkki=20Sepp=C3=A4l=C3=A4?=
Date: Thu, 10 Feb 2011 15:35:14 +0200 Subject: [PATCH] record: avoid crash when calling RecordFlushReplyBuffer recursively MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
RecordFlushReplyBuffer can call itself recursively through
WriteClient->CallCallbacks->_CallCallbacks->RecordFlushAllContexts
when the recording client's buffer cannot be completely emptied in one
WriteClient. When a such a recursion occurs, it will not be broken out
of which results in segmentation fault when the stack is exhausted.
This patch adds a counter (a flag, really) that guards against this
situation, to break out of the recursion.
One alternative to this change would be to change _CallCallbacks to
check the corresponding counter before the callback loop, but that
might affect existing behavior, which may be relied upon.
Reviewed-by: Rami Ylimäki
participants (1)
-
root@hilbert.suse.de