[arch-commits] Commit in xorg-server/trunk (PKGBUILD vbe-fix-malloc-size-bug.patch)

Jan de Groot jgc at archlinux.org
Mon Mar 14 10:49:01 UTC 2011 

    Date: Monday, March 14, 2011 @ 06:49:00
  Author: jgc
Revision: 114590

upgpkg: xorg-server 1.9.4.901-1
Update to 1.9.5RC1, add upstream patch from git. Replace dependency on xorg-xkb-utils, keep xorg group on xorg-server only

Added:
  xorg-server/trunk/vbe-fix-malloc-size-bug.patch
Modified:
  xorg-server/trunk/PKGBUILD

-------------------------------+
 PKGBUILD                      |   12 ++++++++----
 vbe-fix-malloc-size-bug.patch |   39 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+), 4 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2011-03-14 10:16:50 UTC (rev 114589)
+++ PKGBUILD	2011-03-14 10:49:00 UTC (rev 114590)
@@ -3,19 +3,21 @@
 
 pkgbase=xorg-server
 pkgname=('xorg-server' 'xorg-server-xephyr' 'xorg-server-xdmx' 'xorg-server-xvfb' 'xorg-server-xnest' 'xorg-server-common' 'xorg-server-devel')
-pkgver=1.9.4
+pkgver=1.9.4.901
 pkgrel=1
 arch=('i686' 'x86_64')
 license=('custom')
 url="http://xorg.freedesktop.org"
-makedepends=('pixman' 'libx11' 'mesa' 'libgl' 'xf86driproto' 'xcmiscproto' 'xtrans' 'bigreqsproto' 'randrproto' 'inputproto' 'fontsproto' 'videoproto' 'compositeproto' 'recordproto' 'scrnsaverproto' 'resourceproto' 'xineramaproto' 'libxkbfile' 'libxfont' 'renderproto' 'libpciaccess' 'libxv' 'xf86dgaproto' 'libxmu' 'libxrender' 'libxi' 'dmxproto' 'libxaw' 'libdmx' 'libxtst' 'libxres')
+makedepends=('pixman' 'libx11' 'mesa' 'libgl' 'xf86driproto' 'xcmiscproto' 'xtrans' 'bigreqsproto' 'randrproto' 'inputproto' 'fontsproto' 'videoproto' 'compositeproto' 'recordproto' 'scrnsaverproto' 'resourceproto' 'xineramaproto' 'libxkbfile' 'libxfont' 'renderproto' 'libpciaccess' 'libxv' 'xf86dgaproto' 'libxmu' 'libxrender' 'libxi' 'dmxproto' 'libxaw' 'libdmx' 'libxtst' 'libxres' 'xorg-xkbcomp')
 options=('!libtool')
 source=(${url}/releases/individual/xserver/${pkgbase}-${pkgver}.tar.bz2
+        vbe-fix-malloc-size-bug.patch
         xorg-redhat-die-ugly-pattern-die-die-die.patch
         xvfb-run
         xvfb-run.1
         10-quirks.conf)
-md5sums=('040f091dfdfb4e335116eb0032cc690b'
+md5sums=('0fde9023db0581e9b145b4cd0784a3c5'
+         'c22e6ec412769b1c30c44b1f45b50e02'
          '1a336eb22e27cbf443ec5a2ecddfa93c'
          '52fd3effd80d7bc6c1660d4ecf23d31c'
          '376c70308715cd2643f7bff936d9934b'
@@ -24,6 +26,8 @@
 build() {
   cd "${srcdir}/${pkgbase}-${pkgver}"
 
+  patch -Np1 -i "${srcdir}/vbe-fix-malloc-size-bug.patch"
+
   # Get rid of the ugly pattern
   patch -Np3 -i "${srcdir}/xorg-redhat-die-ugly-pattern-die-die-die.patch"
 
@@ -63,7 +67,7 @@
 
 package_xorg-server-common() {
   pkgdesc="Xorg server common files"
-  depends=('xkeyboard-config' 'xorg-xkb-utils' 'xorg-fonts-misc')
+  depends=('xkeyboard-config' 'xorg-xkbcomp' 'xorg-setxkbmap' 'xorg-fonts-misc')
 
   cd "${srcdir}/${pkgbase}-${pkgver}"
   install -m755 -d "${pkgdir}/usr/share/licenses/xorg-server-common"

Added: vbe-fix-malloc-size-bug.patch
===================================================================
--- vbe-fix-malloc-size-bug.patch	                        (rev 0)
+++ vbe-fix-malloc-size-bug.patch	2011-03-14 10:49:00 UTC (rev 114590)
@@ -0,0 +1,39 @@
+From 8ffaef2ebd2611e2eed4ef97350c3a34508f5252 Mon Sep 17 00:00:00 2001
+From: Adam Jackson <ajax at redhat.com>
+Date: Thu, 24 Feb 2011 21:06:34 +0000
+Subject: vbe: Fix malloc size bug
+
+v2: Slightly more obvious sizing math.
+
+==14882== Invalid write of size 2
+==14882==    at 0x6750267: VBEGetVBEInfo (vbe.c:400)
+==14882==    by 0x6142064: ??? (in /usr/lib64/xorg/modules/drivers/vesa_drv.so)
+==14882==    by 0x471895: InitOutput (xf86Init.c:519)
+==14882==    by 0x422778: main (main.c:205)
+==14882==  Address 0x4f32fa8 is 72 bytes inside a block of size 73 alloc'd
+==14882==    at 0x4A0640D: malloc (vg_replace_malloc.c:236)
+==14882==    by 0x675024B: VBEGetVBEInfo (vbe.c:398)
+==14882==    by 0x6142064: ??? (in /usr/lib64/xorg/modules/drivers/vesa_drv.so)
+==14882==    by 0x471895: InitOutput (xf86Init.c:519)
+==14882==    by 0x422778: main (main.c:205)
+
+Reviewed-by: Mark Kettenis <kettenis at openbsd.org>
+Reviewed-by: Alan Coopersmith <alan.coopersmith at oracle.com>
+Signed-off-by: Adam Jackson <ajax at redhat.com>
+(cherry picked from commit d8caa782009abf4dc17b945e325e83fda299a534)
+---
+diff --git a/hw/xfree86/vbe/vbe.c b/hw/xfree86/vbe/vbe.c
+index 7a64a4a..1d3775b 100644
+--- a/hw/xfree86/vbe/vbe.c
++++ b/hw/xfree86/vbe/vbe.c
+@@ -395,7 +395,7 @@ VBEGetVBEInfo(vbeInfoPtr pVbe)
+     i = 0;
+     while (modes[i] != 0xffff)
+ 	i++;
+-    block->VideoModePtr = malloc(sizeof(CARD16) * i + 1);
++    block->VideoModePtr = malloc(sizeof(CARD16) * (i + 1));
+     memcpy(block->VideoModePtr, modes, sizeof(CARD16) * i);
+     block->VideoModePtr[i] = 0xffff;
+ 
+--
+cgit v0.8.3-6-g21f6

More information about the arch-commits mailing list