main/libxtst: upgrade to 1.2.2

3 files changed, 6 insertions, 185 deletions

diff --git a/main/libxtst/0001-Use-_XEatDataWords-to-eat-data-in-error-cases.patch b/main/libxtst/0001-Use-_XEatDataWords-to-eat-data-in-error-cases.patch
deleted file mode 100644
index 43fa1e0d7..000000000
--- a/main/libxtst/0001-Use-_XEatDataWords-to-eat-data-in-error-cases.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-From 46ed6283034b5b7d14584009453f5d974cfacf1e Mon Sep 17 00:00:00 2001
-From: Alan Coopersmith <alan.coopersmith@oracle.com>
-Date: Sat, 13 Apr 2013 11:05:27 -0700
-Subject: [PATCH 1/2] Use _XEatDataWords to eat data in error cases
-
-Avoids having to do calculcations based on response contents
-
-Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
----
- configure.ac  |  6 ++++++
- src/XRecord.c | 23 +++++++++++++++++------
- 2 files changed, 23 insertions(+), 6 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 7ef0153..d83d4d8 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -47,6 +47,12 @@ XORG_CHECK_SGML_DOCTOOLS(1.8)
- # Obtain compiler/linker options for depedencies
- PKG_CHECK_MODULES(XTST, x11 [xext >= 1.0.99.4] xi [recordproto >= 1.13.99.1] [xextproto >= 7.0.99.3] inputproto)
- 
-+# Check for _XEatDataWords function that may be patched into older Xlib release
-+SAVE_LIBS="$LIBS"
-+LIBS="$XTST_LIBS"
-+AC_CHECK_FUNCS([_XEatDataWords])
-+LIBS="$SAVE_LIBS"
-+
- # Determine if the source for man pages is available
- # It may already be present (tarball) or can be generated using xmlto
- AM_CONDITIONAL([INSTALL_MANPAGES],
-diff --git a/src/XRecord.c b/src/XRecord.c
-index b65451c..ba628b6 100644
---- a/src/XRecord.c
-+++ b/src/XRecord.c
-@@ -49,6 +49,9 @@ from The Open Group.
-  * By Stephen Gildea, X Consortium, and Martha Zimet, NCD.
-  */
- 
-+#ifdef HAVE_CONFIG_H
-+#include <config.h>
-+#endif
- #include <stdio.h>
- #include <assert.h>
- #include <X11/Xlibint.h>
-@@ -56,6 +59,18 @@ from The Open Group.
- #include <X11/extensions/extutil.h>
- #include <X11/extensions/recordproto.h>
- #include <X11/extensions/record.h>
-+#include <limits.h>
-+
-+#ifndef HAVE__XEATDATAWORDS
-+static inline void _XEatDataWords(Display *dpy, unsigned long n)
-+{
-+# ifndef LONG64
-+    if (n >= (ULONG_MAX >> 2))
-+        _XIOError(dpy);
-+# endif
-+    _XEatData (dpy, n << 2);
-+}
-+#endif
- 
- static XExtensionInfo _xrecord_info_data;
- static XExtensionInfo *xrecord_info = &_xrecord_info_data;
-@@ -427,7 +442,7 @@ XRecordGetContext(Display *dpy, XRecordContext context,
- 
-     ret = (XRecordState*)Xmalloc(sizeof(XRecordState));
-     if (!ret) {
--	/* XXX - eat data */
-+	_XEatDataWords (dpy, rep.length);
- 	UnlockDisplay(dpy);
- 	SyncHandle();
- 	return 0;
-@@ -446,11 +461,7 @@ XRecordGetContext(Display *dpy, XRecordContext context,
- 	}
-         if (!client_inf || !client_inf_str)
-         {
--           for(i = 0; i < count; i++)
--           {
--	        _XEatData (dpy, sizeof(xRecordClientInfo));
--                _XEatData (dpy, SIZEOF(xRecordRange)); /* XXX - don't know how many */
--           }
-+	   _XEatDataWords (dpy, rep.length);
- 	   UnlockDisplay(dpy);
- 	   XRecordFreeState(ret);
- 	   SyncHandle();
--- 
-1.8.2.3
-
diff --git a/main/libxtst/0002-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch b/main/libxtst/0002-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch
deleted file mode 100644
index 661a464fd..000000000
--- a/main/libxtst/0002-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From e7e04b7be3f018ad636aba3a36bfc1cd80b9906d Mon Sep 17 00:00:00 2001
-From: Alan Coopersmith <alan.coopersmith@oracle.com>
-Date: Sat, 13 Apr 2013 11:27:26 -0700
-Subject: [PATCH 2/2] integer overflow in XRecordGetContext() [CVE-2013-2063]
-
-The nclients and nranges members of the reply are both CARD32 and need
-to be bounds checked before multiplying by the size of the structs to
-avoid integer overflow leading to underallocation and writing data from
-the network past the end of the allocated buffer.
-
-Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
----
- src/XRecord.c | 32 +++++++++++++++++++++-----------
- 1 file changed, 21 insertions(+), 11 deletions(-)
-
-diff --git a/src/XRecord.c b/src/XRecord.c
-index ba628b6..5bbd5ac 100644
---- a/src/XRecord.c
-+++ b/src/XRecord.c
-@@ -420,11 +420,9 @@ XRecordGetContext(Display *dpy, XRecordContext context,
-     XExtDisplayInfo 	*info = find_display (dpy);
-     register 		xRecordGetContextReq   	*req;
-     xRecordGetContextReply 	rep;
--    int			count, i, rn;
-+    unsigned int	count, i, rn;
-     xRecordRange   	xrange;
--    XRecordRange	*ranges = NULL;
-     xRecordClientInfo   xclient_inf;
--    XRecordClientInfo	**client_inf, *client_inf_str = NULL;
-     XRecordState	*ret;
- 
-     XRecordCheckExtension (dpy, info, 0);
-@@ -454,13 +452,18 @@ XRecordGetContext(Display *dpy, XRecordContext context,
- 
-     if (count)
-     {
--     	client_inf = (XRecordClientInfo **) Xcalloc(count, sizeof(XRecordClientInfo*));
--	ret->client_info = client_inf;
--	if (client_inf != NULL) {
--	    client_inf_str = (XRecordClientInfo *) Xmalloc(count*sizeof(XRecordClientInfo));
-+	XRecordClientInfo	**client_inf = NULL;
-+	XRecordClientInfo	*client_inf_str = NULL;
-+
-+	if (count < (INT_MAX / sizeof(XRecordClientInfo))) {
-+	    client_inf = Xcalloc(count, sizeof(XRecordClientInfo *));
-+	    if (client_inf != NULL)
-+		client_inf_str = Xmalloc(count * sizeof(XRecordClientInfo));
- 	}
-+	ret->client_info = client_inf;
-         if (!client_inf || !client_inf_str)
-         {
-+	   free(client_inf);
- 	   _XEatDataWords (dpy, rep.length);
- 	   UnlockDisplay(dpy);
- 	   XRecordFreeState(ret);
-@@ -476,11 +479,18 @@ XRecordGetContext(Display *dpy, XRecordContext context,
- 
- 	    if (xclient_inf.nRanges)
- 	    {
--		client_inf_str[i].ranges = (XRecordRange**) Xcalloc(xclient_inf.nRanges, sizeof(XRecordRange*));
--		if (client_inf_str[i].ranges != NULL) {
--		    ranges = (XRecordRange*)
--			Xmalloc(xclient_inf.nRanges * sizeof(XRecordRange));
-+		XRecordRange	*ranges = NULL;
-+
-+		if (xclient_inf.nRanges < (INT_MAX / sizeof(XRecordRange))) {
-+		    client_inf_str[i].ranges =
-+			Xcalloc(xclient_inf.nRanges, sizeof(XRecordRange *));
-+		    if (client_inf_str[i].ranges != NULL)
-+			ranges =
-+			    Xmalloc(xclient_inf.nRanges * sizeof(XRecordRange));
- 		}
-+		else
-+		    client_inf_str[i].ranges = NULL;
-+
- 		if (!client_inf_str[i].ranges || !ranges) {
- 		    /* XXX eat data */
- 		    UnlockDisplay(dpy);
--- 
-1.8.2.3
-
diff --git a/main/libxtst/APKBUILD b/main/libxtst/APKBUILD
index c87af4a04..30da3627f 100644
--- a/main/libxtst/APKBUILD
+++ b/main/libxtst/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libxtst
-pkgver=1.2.1
-pkgrel=1
+pkgver=1.2.2
+pkgrel=0
 pkgdesc="X11 Testing -- Resource extension library"
 url="http://xorg.freedesktop.org/"
 arch="all"
@@ -9,10 +9,8 @@ license="custom"
 subpackages="$pkgname-dev $pkgname-doc"
 depends=
 depends_dev="recordproto libx11-dev libxext-dev inputproto libxi-dev"
-makedepends="$depends_dev libtool autoconf automake util-macros"
+makedepends="$depends_dev"
 source="http://xorg.freedesktop.org/releases/individual/lib/libXtst-$pkgver.tar.bz2
-	0001-Use-_XEatDataWords-to-eat-data-in-error-cases.patch
-	0002-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch
 	"
 
 _builddir="$srcdir"/libXtst-$pkgver
@@ -23,8 +21,6 @@ prepare() {
 		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
 		esac
 	done
-	libtoolize --force && aclocal && autoheader && autoconf \
-		&& automake --add-missing
 }
 
 build() {
@@ -41,12 +37,6 @@ package() {
 	install -D -m644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/LICENSE
 }
 
-md5sums="e8abc5c00c666f551cf26aa53819d592  libXtst-1.2.1.tar.bz2
-ef5006c916511e087973d797a60aaee1  0001-Use-_XEatDataWords-to-eat-data-in-error-cases.patch
-641e6194973b4d324f8278faa821b87a  0002-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch"
-sha256sums="7eea3e66e392aca3f9dad6238198753c28e1c32fa4903cbb7739607a2504e5e0  libXtst-1.2.1.tar.bz2
-bba7db9220b8a91b5ca71133af55414851d350e81c6142e74e7c44a3fc57c052  0001-Use-_XEatDataWords-to-eat-data-in-error-cases.patch
-d67b95b9bf1587e48bc4009d1d100ed1ee3a611ed07869bb157290064986db6f  0002-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch"
-sha512sums="287c10a761d30acc988399e23de1ecb7c90d8bd4d363cd03cd0a02eb232e37b0943f359fae76a8e68504ccadc2b7c0117bfebee75e00a0b6f58397658f8ebe0d  libXtst-1.2.1.tar.bz2
-0144a420f78f5377acd2548355089596439437d1d19945532428a1cc5f263155f03ebfbba668f9c468525c579aa091d4ddf27006ec4d55246bd045a7e6ff9739  0001-Use-_XEatDataWords-to-eat-data-in-error-cases.patch
-730a9ad7c8aafd8f161bf7cbbd4bbd2c62d4fc6cf50a69f5575a4c52e9a2d712e36bb4e3b9325f628a2f71115ce8797ac93aa7bf023d0abe7ba3603f33f47e81  0002-integer-overflow-in-XRecordGetContext-CVE-2013-2063.patch"
+md5sums="25c6b366ac3dc7a12c5d79816ce96a59  libXtst-1.2.2.tar.bz2"
+sha256sums="ef0a7ffd577e5f1a25b1663b375679529663a1880151beaa73e9186c8309f6d9  libXtst-1.2.2.tar.bz2"
+sha512sums="1cf040f16d426e6a6d1cf8c0f966c171418c082165ae6e9bed6285cd45f144e4ef58bf74c6d34fd81e6894534d21df55efe5d0bc0b2a28f9bb9d74e168dd7369  libXtst-1.2.2.tar.bz2"