Fix off-by-one in dlist allocation when checking whether to allocate a
new block. This fixes segfaults in dlist functions that occur on
applications making heavy use of display lists that exceed BLOCK_SIZE.
ok jsg@ and stsp@, who also both helped me track down the issue.
Rewrite the privsep imsg code using the new ibuf API.
Properly wrap the imsg_read() / imsg_get() calls in a while loop.
Do not initialize the fd of the struct ibuf to -1 (this is already done).
Rewrite the imsg parser using imsg_get_ibuf(), ibuf_get and a local new
function ibuf_get_string() which abstracts the extraction of the strings
from the ibuf.
Properly clear and free the user, pass and style variables.
OK tb@ matthieu@
Multiple issues have been found in the X server and Xwayland
implementations:
1) CVE-2023-6816 can be triggered by passing an invalid array index to
DeviceFocusEvent or ProcXIQueryPointer.
2) CVE-2024-0229 can be triggered if a device has both a button and a
key class and zero buttons.
3) CVE-2024-21885 can be triggered if a device with a given ID was
removed and a new device with the same ID added both in the same
operation.
4) CVE-2024-21886 can be triggered by disabling a master device with
disabled slave devices.
5) CVE-2024-0409 can be triggered by enabling SELinux
xserver_object_manager and running a client.
[2 lines not shown]
Substitute "100" for __default_termid__ instead of "vt100".
The "vt" prefix is optional for the default terminal ID.
Fixes an instance of "vtvt100" in the installed man page.
OK matthieu@