[Bug 196119] New: [patch] x11-server/xorg-server: unbreak net/tigervnc after CVE-2014-8092 patch
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Dec 19 06:22:10 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196119
Bug ID: 196119
Summary: [patch] x11-server/xorg-server: unbreak net/tigervnc
after CVE-2014-8092 patch
Product: Ports Tree
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: beastie at tardisi.com
CC: meta+ports at vmeta.jp
CC: meta+ports at vmeta.jp
Flags: maintainer-feedback?(meta+ports at vmeta.jp)
Created attachment 150747
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=150747&action=edit
patch to unbreak what wasn't broke, leaves fix for what was.
since x11-server/xorg-server was updated to "Fix multiple xserver security
advisories in the 1.12.4 xserver."
net/tigervnc fails to build at this point:
(00:13:42) In file included from ../../include/region.h:51,
(00:13:42) from ../../include/window.h:52,
(00:13:42) from ../../include/input.h:56,
(00:13:42) from ../../hw/xfree86/common/xf86str.h:39,
(00:13:42) from ../../hw/xfree86/common/xf86.h:45,
(00:13:42) from xf86vncModule.cc:39:
(00:13:42) ../../include/regionstr.h: In function 'void
RegionInit(pixman_region16*, pixman_box16*, int)':
(00:13:42) ../../include/regionstr.h:147: error: invalid conversion from
'void*' to 'pixman_region16_data_t*'
(00:13:42) Makefile:893: recipe for target 'libvnc_la-xf86vncModule.lo' failed
After searching online for a while, I came across this message post:
> Re: [tigervnc-devel] Ubuntu trusty build failures
>
> Alan Coopersmith Thu, 11 Dec 2014 17:34:03 -0800
>
> On 12/11/14 05:19 PM, Brian Hinz wrote:
> > As of yesterday, upstream patches to the ubuntu 14.04 xorg-server-source package
> > cause our build to fail with the following error:
> >
> > ../../include/regionstr.h: In function 'void RegionInit(RegionPtr, BoxPtr,
> > int)':
> > ../../include/regionstr.h:147:45: error: invalid conversion from 'void*' to
> > 'pixman_region16_data_t* {aka pixman_region16_data*}' [-fpermissive]
> > (((_pReg)->data = malloc(rgnSize)) != NULL)) {
> >
> > Still looking into what changed that's now causing this, but thechangelog
> > <http://changelogs.ubuntu.com/changelogs/pool/main/x/xorg-server/xorg-server_1.15.1-0ubuntu2.5/changelog>
> > references CVEs so we should probably review them to make sure the 1.4.0 release is
> > not affected.
>
> Sorry, I'm a C programmer, so I'm in the habit of deleting casts of malloc()
> results, forgetting that breaks C++.
>
> After the patches were released, I also found late yesterday that this change
> had broken our TigerVNC 1.1 package build on Solaris:
>
> - if (((_size) > 1) && ((_pReg)->data =
> - (RegDataPtr) malloc(RegionSizeof(_size)))) {
> + if (((_size) > 1) && ((rgnSize = RegionSizeof(_size)) > 0) &&
> + (((_pReg)->data = malloc(rgnSize)) != NULL)) {
>
> from http://cgit.freedesktop.org/xorg/xserver/commit/?id=97015a07b9e15d8ec5608b95d95ec0eb51202acb
>
> I can make it build again by putting the (RegDataPtr) back but was hoping we
> could find some way to make extern "C" { ... } or similar convince the compiler
> C code was okay, since on the upstream Xorg side we have no way of knowing when
> our C changes break VNC trying to use our C code as C++ code.
>
> --
> -Alan Coopersmith- alan.coopersm... at oracle.com
> Oracle Solaris Engineering - http://blogs.oracle.com/alanc
> _______________________________________________
> xorg-devel at lists.x.org: X.Org development
> Archives: http://lists.x.org/archives/xorg-devel
> Info: http://lists.x.org/mailman/listinfo/xorg-devel
Well, as a C Programmer...sure....
1> casting is redundant. so not doing it saves typing, how does removing it
save? Not casting (or worse removing somebody else's cast, would get me burned
in a code review....but then company had so far failed to get acquire by
Oracle.)
2> it would mask failing to include stdlib.h, so make sure its included (of
course that would lead to redundancy.)
3> if the type is changed, it require updating all the malloc's. Unless a
typedef is used....which, umm, is what RegDataPtr is.
--- Comment #1 from Bugzilla Automation <bugzilla at FreeBSD.org> ---
Maintainer CC'd
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list