Use SA_RESETHAND rather than SA_ONESHOT
The latter is an obsolete non-standard, Linux only synonym for the
former. This caused syndaemon(1) to enter an an infinite loop whenever
it receives a SIGINT signal. Patch from Luca Castagnini. Thanks.
MFC: Xi: integer overflow and unvalidated length in
[jcristau: originally this patch fixed the same issue as commit
211e05ac85 "Xi: Test exact size of XIBarrierReleasePointer", with the
addition of these checks]
This addresses CVE-2017-12179
MFC: os: Make sure big requests have sufficient length.
A client can send a big request where the 32B "length" field has value
0. When the big request header is removed and the length corrected,
the value will underflow to 0xFFFFFFFF. Functions processing the
request later will think that the client sent much more data and may
touch memory beyond the receive buffer.
MFC: xkb: Handle xkb formated string output safely (CVE-2017-13723)
Generating strings for XKB data used a single shared static buffer,
which offered several opportunities for errors. Use a ring of
resizable buffers instead, to avoid problems when strings end up
longer than anticipated.
MFC: xkb: Escape non-printable characters correctly
XkbStringText escapes non-printable characters using octal numbers.
Such escape sequence would be at most 5 characters long ("\0123"), so
it reserves 5 bytes in the buffer. Due to char->unsigned int
conversion, it would print much longer string for negative numbers.
MFC: Xext/shm: Validate shmseg resource id (CVE-2017-13721)
Otherwise it can belong to a non-existing client and abort X server with
FatalError "client not in use", or overwrite existing segment of another
MFC: pcfGetProperties: Check string boundaries (CVE-2017-13722)
Without the checks a malformed PCF file can cause the library to make
atom from random heap memory that was behind the `strings` buffer.
This may crash the process or leak information.
MFC: Check for end of string in PatternMatch (CVE-2017-13720)
If a pattern contains '?' character, any character in the string is skipped,
even if it is '\0'. The rest of the matching then reads invalid memory.
chown before chmod
This prevents a malicious user logging out from calling
chmod while still owning /dev/console and thus by-passing
the '622' mode that is set here.
Issue reported by Tim Chase. Thanks.
Merged from xdm upstreams
Force Intel Ironlake chipsets to use the xf86-video-intel driver.
stsp@ reported that modesetting(4) has been reported unreliable
on his laptop, while intel(4) works.
XXXX to be removed after 6.2 to figure out and fix the issue.
ok kettenis@, also discussed briefly with deraadt@ during EuroBSDCon.
When xinit starts an X server that listens only on UNIX socket,
prefer DISPLAY=unix:0 rather than DISPLAY=:0.
This will prevent applications from ever falling back to TCP if the
UNIX socket connection fails (such as when the X server crashes).
joint work with tb@
cluebat and ok matthieu@
Make disabling regenerating source files provided in Mesa distfiles that
require python/bison a configure flag instead of the previous way of
testing whether python was found (which shouldn't be the case in
xenocara even with ports packages installed).
This is required when timestamps change on files causing targets to be
invoked that will break if python and bison aren't available and found
in path by the configure script.