> In function ‘ConvertAddr’,
> inlined from ‘ResetHosts’ at ../os/access.c:1014:26:
> ../os/access.c:1540:25: warning: ‘saddr’ may be used uninitialized [-Wmaybe-uninitialized]
> 1540 | if (16777343 == *(long *) &((struct sockaddr_in *) saddr)->sin_addr)
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ../os/access.c: In function ‘ResetHosts’:
> ../os/access.c:908:7: note: ‘saddr’ declared here
> 908 | } saddr;
> | ^~~~~
The union isn't needed at all, we're just using one of the fields anyways.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Move the callbacks directly into DIX, since it's actually core infrastructure.
Also simplifying the whole machinery, by just using a simpel CallbackListPtr.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Simplify DefineSelf() by using xhostname(). Neither need to
care about OS specifics here, nor take care of zero-terminating the
hostname string - xhostname() is already doing this.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
These are always enablde (x11_t is defined when XSERV_t is defined),
so no need for the #ifdef's anymore.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Using calloc() instead of malloc() as preventive measure, so there
never can be any hidden bugs or leaks due uninitialized memory.
The extra cost of using this compiler intrinsic should be practically
impossible to measure - in many cases a good compiler can even deduce
if certain areas really don't need to be zero'd (because they're written
to right after allocation) and create more efficient machine code.
The code pathes in question are pretty cold anyways, so it's probably
not worth even thinking about potential extra runtime costs.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Support for using getaddrinfo() was originally added to support IPv6,
and only used if IPv6 support was enabled. Two decades later, support
for getaddrinfo() is ubiquitous and OS'es have marked gethostbyname()
as deprecated, so use the modern interface whenever we can now.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1760>
On NetBSD gives warning:
In file included from /usr/include/ctype.h:100,
from ../include/misc.h:174,
from ../os/access.c:96:
../os/access.c: In function ‘ResetHosts’:
../os/access.c:981:49: warning: array subscript has type ‘char’ [-Wchar-subscripts]
981 | lhostname[i] = tolower(ohostname[i]);
| ^
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1455>
The symbol controls whether to include dix-config.h, and it's always set,
thus we don't need it (and dozens of ifdef's) anymore.
This commit only removes them from our own source files, where we can
guarantee that dix-config.h is present - leaving the (potentially exported)
headers untouched.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
DES isn't considered secure anymore for long time now, more and more platforms
dropping DES from their RPC implementations, and even the one where it came
from (Solaris) disabled it for a decade now. We have much better alternatives
(eg. passing creds via Unix socket for local connections, ssh tunneling,
MIT-MAGIC-COOKIE-1, ...), so it's unlikely anybody still really relying on it.
Therefore, sweep it out.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1453>
This provides a way to determine the pid of a peer connection on
systems like darwin that do not support getpeerucred() nor
SO_PEERCRED.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
GetLocalClientCreds() was preferring getpeereid() above other implementations.
getpeereid(), however, only returns the effective uid and gid of the peer,
leaving the pid unset. When this happens, we are unable to use the pid to
determine the peer's command line arguments and incorrectly treat ssh-tunneled
traffic as local.
To address this, we now prioritize getpeerucred() or SO_PEERCRED as those two
implementations will return the pid in addition to uid and gid.
Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
This helps on KAME-based systems which want to get rid of this hack.
The assumption is that if sin6_scope_id is set, then the interface index
is no longer embedded in the address.
Signed-off-by: Jeremie Courreges-Anglas <jca@wxcvbn.org>
Most (but not all) of these were found by using
codespell --builtin clear,rare,usage,informal,code,names
but not everything reported by that was fixed.
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Don't reuse cmd for strtok output to ensure the proper pointer is
freed afterwards.
The code incorrectly assumed the pointer returned by strtok(cmd, ":")
would always point to cmd. However, strtok(str, sep) != str if str
begins with sep. This caused an invalid-free crash when running
a program under X with a name beginning with a colon.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=104123
Signed-off-by: Tomasz Śniatowski <kailoran@gmail.com>
Reviewed-by: Michel Dänzer <michel.daenzer@amd.com>
For link local addresses the XDMCP server would need to either know the
interface thru a scope identifier or try all available interfaces. If
they don't this address will fail in which case the XDMCP server could
still try the other addresses passed - however some only try the first
address and then give up.
Even if this seems to be the wrong place to fix this it seems to be
easier than fixing all display servers.
[ajax: Cleaned up commit message]
Reviewed-by: Adam Jackson <ajax@redhat.com>
