Debian Bug report logs - #689246
xserver-xephyr: Incorrect commandline arguments parsing

version graph

Package: xserver-xephyr; Maintainer for xserver-xephyr is Debian X Strike Force <debian-x@lists.debian.org>; Source for xserver-xephyr is src:xorg-server.

Reported by: Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>

Date: Sun, 30 Sep 2012 18:30:01 UTC

Severity: important

Tags: fixed-upstream, upstream

Found in version xorg-server/2:1.12.3.902-1

Fixed in version xorg-server/2:1.12.4-2

Done: Julien Cristau <jcristau@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, andrzejtp2010@gmail.com, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#689246; Package xserver-xephyr. (Sun, 30 Sep 2012 18:30:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>:
New Bug report received and forwarded. Copy sent to andrzejtp2010@gmail.com, Debian X Strike Force <debian-x@lists.debian.org>. (Sun, 30 Sep 2012 18:30:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: xserver-xephyr: Incorrect commandline arguments parsing
Date: Sun, 30 Sep 2012 20:27:06 +0200
Package: xserver-xephyr
Version: 2:1.12.3.902-1
Severity: important

Dear Maintainer,

I run a multiseat setup, but in fact this happens also in a regular
environment. After this patch:
http://anonscm.debian.org/gitweb/?p=pkg-xorg/xserver/xorg-server.git;a=commit;h=af8ffefc070be8cb449812100b86501db17e8fd8

the commandline for Xephyr is not parsed properly. Example:

Xephyr -retro -keybd evdev,,device=/dev/input/event2,xkbrules=evdev,xkbmodel=evdev,xkblayout=pl -mouse evdev,,device=/dev/input/event1 :3

results in:

<snip>
Pointer option key (device=) of value (/dev/input/event1) not assigned!
Kbd option key (device=) of value (/dev/input/event2) not assigned!
Kbd option key (xkbrules=) of value (evdev) not assigned!
Kbd option key (xkbmodel=) of value (evdev) not assigned!
Kbd option key (xkblayout=) of value (pl) not assigned!
<snip>

The effect of the patch is that the "key=value" pairs are parsed in such a
way that the key is added an "equals" sign to it and we end up with keys
like "device=" instead of "device". This in turn has effect on
KdParsePointerOptions and KdParseKbdOptions: the key does not match
any choice presented in the "switch" statement, and so "Pointer/Kbd option
key (...) of value (...) not assigned!" happens, making all "key=value"
options inaccessible to the user. Reverting the patch makes them available
again.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-3-686-pae (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages xserver-xephyr depends on:
ii  libaudit0                 1:1.7.18-1.1
ii  libc6                     2.13-35
ii  libdrm2                   2.4.33-3
ii  libgcrypt11               1.5.0-3
ii  libgl1-mesa-glx [libgl1]  8.0.4-2
ii  libpixman-1-0             0.26.0-3
ii  libselinux1               2.1.9-5
ii  libx11-6                  2:1.5.0-1
ii  libxau6                   1:1.0.7-1
ii  libxdmcp6                 1:1.1.1-1
ii  libxext6                  2:1.3.1-2
ii  libxfont1                 1:1.4.5-2
ii  libxv1                    2:1.0.7-1
ii  xserver-common            2:1.12.3.902-1

Versions of packages xserver-xephyr recommends:
ii  libgl1-mesa-dri  8.0.4-2

xserver-xephyr suggests no packages.

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#689246; Package xserver-xephyr. (Sun, 07 Oct 2012 16:45:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Julien Cristau <jcristau@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Sun, 07 Oct 2012 16:45:05 GMT) Full text and rfc822 format available.

Message #10 received at 689246@bugs.debian.org (full text, mbox):

From: Julien Cristau <jcristau@debian.org>
To: xorg-devel@lists.x.org
Cc: 689246@bugs.debian.org, Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>, Julien Cristau <jcristau@debian.org>, Dave Airlie <airlied@redhat.com>
Subject: [PATCH] Revert "kinput: allocate enough space for null character."
Date: Sun, 7 Oct 2012 18:40:35 +0200
This reverts commit 531785dd746d64ef7f473a83ca73bb20e74b6fca.

The above commit breaks Xephyr option parsing.  Andrzej writes:

  Xephyr -retro -keybd evdev,,device=/dev/input/event2,xkbrules=evdev,xkbmodel=evdev,xkblayout=pl -mouse evdev,,device=/dev/input/event1 :3

  results in:

  <snip>
  Pointer option key (device=) of value (/dev/input/event1) not assigned!
  Kbd option key (device=) of value (/dev/input/event2) not assigned!
  Kbd option key (xkbrules=) of value (evdev) not assigned!
  Kbd option key (xkbmodel=) of value (evdev) not assigned!
  Kbd option key (xkblayout=) of value (pl) not assigned!
  <snip>

  The effect of the patch is that the "key=value" pairs are parsed in such
  a way that the key is added an "equals" sign to it and we end up with
  keys like "device=" instead of "device". This in turn has effect on
  KdParsePointerOptions and KdParseKbdOptions: the key does not match
  any choice presented in the "switch" statement, and so "Pointer/Kbd
  option key (...) of value (...) not assigned!" happens, making all
  "key=value" options inaccessible to the user. Reverting the patch makes
  them available again.

Reference: http://bugs.debian.org/689246
Reported-by: Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>
Signed-off-by: Julien Cristau <jcristau@debian.org>
Cc: Dave Airlie <airlied@redhat.com>
---
 hw/kdrive/src/kinput.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/kdrive/src/kinput.c b/hw/kdrive/src/kinput.c
index d35dcf8..b1068bb 100644
--- a/hw/kdrive/src/kinput.c
+++ b/hw/kdrive/src/kinput.c
@@ -1034,7 +1034,7 @@ KdGetOptions(InputOption **options, char *string)
 
     if (strchr(string, '=')) {
         tam_key = (strchr(string, '=') - string);
-        key = strndup(string, tam_key + 1);
+        key = strndup(string, tam_key);
         if (!key)
             goto out;
 
-- 
1.7.10.4




Added tag(s) upstream. Request was from Julien Cristau <jcristau@debian.org> to control@bugs.debian.org. (Sun, 07 Oct 2012 16:45:07 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#689246; Package xserver-xephyr. (Sun, 07 Oct 2012 19:03:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to sandmann@cs.au.dk (Søren Sandmann):
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Sun, 07 Oct 2012 19:03:05 GMT) Full text and rfc822 format available.

Message #17 received at 689246@bugs.debian.org (full text, mbox):

From: sandmann@cs.au.dk (Søren Sandmann)
To: Julien Cristau <jcristau@debian.org>
Cc: <xorg-devel@lists.x.org>, <689246@bugs.debian.org>, Dave Airlie <airlied@redhat.com>, Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>
Subject: Re: [PATCH] Revert "kinput: allocate enough space for null character."
Date: Sun, 07 Oct 2012 20:53:25 +0200
Julien Cristau <jcristau@debian.org> writes:

> This reverts commit 531785dd746d64ef7f473a83ca73bb20e74b6fca.
>
> The above commit breaks Xephyr option parsing.  Andrzej writes:
>
>   Xephyr -retro -keybd evdev,,device=/dev/input/event2,xkbrules=evdev,xkbmodel=evdev,xkblayout=pl -mouse evdev,,device=/dev/input/event1 :3
>
>   results in:
>
>   <snip>
>   Pointer option key (device=) of value (/dev/input/event1) not assigned!
>   Kbd option key (device=) of value (/dev/input/event2) not assigned!
>   Kbd option key (xkbrules=) of value (evdev) not assigned!
>   Kbd option key (xkbmodel=) of value (evdev) not assigned!
>   Kbd option key (xkblayout=) of value (pl) not assigned!
>   <snip>
>
>   The effect of the patch is that the "key=value" pairs are parsed in such
>   a way that the key is added an "equals" sign to it and we end up with
>   keys like "device=" instead of "device". This in turn has effect on
>   KdParsePointerOptions and KdParseKbdOptions: the key does not match
>   any choice presented in the "switch" statement, and so "Pointer/Kbd
>   option key (...) of value (...) not assigned!" happens, making all
>   "key=value" options inaccessible to the user. Reverting the patch makes
>   them available again.
>
> Reference: http://bugs.debian.org/689246
> Reported-by: Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>
> Signed-off-by: Julien Cristau <jcristau@debian.org>
> Cc: Dave Airlie <airlied@redhat.com>
> ---
>  hw/kdrive/src/kinput.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/kdrive/src/kinput.c b/hw/kdrive/src/kinput.c
> index d35dcf8..b1068bb 100644
> --- a/hw/kdrive/src/kinput.c
> +++ b/hw/kdrive/src/kinput.c
> @@ -1034,7 +1034,7 @@ KdGetOptions(InputOption **options, char *string)
>  
>      if (strchr(string, '=')) {
>          tam_key = (strchr(string, '=') - string);
> -        key = strndup(string, tam_key + 1);
> +        key = strndup(string, tam_key);
>          if (!key)
>              goto out;

Reviewed-by: Søren Sandmann <ssp@redhat.com>

strndup() returns newly allocated memory, and it will make sure to
allocate enough space for the 0 terminator.

It looks like this is a mismerge. The patch that was originally posted:

    http://lists.x.org/archives/xorg-devel/2011-October/026461.html

was correctly changing malloc(n)/strncpy() to malloc(n+1)/strncpy(), but
in the meantime the malloc(n)/strncpy() was correctly changed to use
strndup(). And then the malloc(n+1)/strncpy() patch mutated into an
incorrect strndup(n+1).


Søren



Information forwarded to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#689246; Package xserver-xephyr. (Sun, 07 Oct 2012 19:39:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Keith Packard <keithp@keithp.com>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>. (Sun, 07 Oct 2012 19:39:03 GMT) Full text and rfc822 format available.

Message #22 received at 689246@bugs.debian.org (full text, mbox):

From: Keith Packard <keithp@keithp.com>
To: Julien Cristau <jcristau@debian.org>, xorg-devel@lists.x.org, Matt Dew <marcoz@osource.org>
Cc: 689246@bugs.debian.org, Julien Cristau <jcristau@debian.org>, Dave Airlie <airlied@redhat.com>, Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>
Subject: Re: [PATCH] Revert "kinput: allocate enough space for null character."
Date: Sun, 07 Oct 2012 12:29:33 -0700
[Message part 1 (text/plain, inline)]
Julien Cristau <jcristau@debian.org> writes:

> This reverts commit 531785dd746d64ef7f473a83ca73bb20e74b6fca.
>
> The above commit breaks Xephyr option parsing.

Merged.
   7f9d78d..09f1e5b  master -> master

Matt: this looks like a candidate for the Stable series to me.

-- 
keith.packard@intel.com
[Message part 2 (application/pgp-signature, inline)]

Added tag(s) pending and fixed-upstream. Request was from Julien Cristau <jcristau@debian.org> to control@bugs.debian.org. (Sun, 07 Oct 2012 19:42:03 GMT) Full text and rfc822 format available.

Reply sent to Julien Cristau <jcristau@debian.org>:
You have taken responsibility. (Sun, 04 Nov 2012 00:21:30 GMT) Full text and rfc822 format available.

Notification sent to Andrzej Pietrasiewicz <andrzejtp2010@gmail.com>:
Bug acknowledged by developer. (Sun, 04 Nov 2012 00:21:31 GMT) Full text and rfc822 format available.

Message #29 received at 689246-close@bugs.debian.org (full text, mbox):

From: Julien Cristau <jcristau@debian.org>
To: 689246-close@bugs.debian.org
Subject: Bug#689246: fixed in xorg-server 2:1.12.4-2
Date: Sun, 04 Nov 2012 00:19:37 +0000
Source: xorg-server
Source-Version: 2:1.12.4-2

We believe that the bug you reported is fixed in the latest version of
xorg-server, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 689246@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Cristau <jcristau@debian.org> (supplier of updated xorg-server package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 24 Oct 2012 16:46:48 +0200
Source: xorg-server
Binary: xserver-xorg-core xserver-xorg-core-udeb xserver-xorg-dev xdmx xdmx-tools xnest xvfb xserver-xephyr xserver-xfbdev xserver-xorg-core-dbg xserver-common
Architecture: source all amd64
Version: 2:1.12.4-2
Distribution: unstable
Urgency: low
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description: 
 xdmx       - distributed multihead X server
 xdmx-tools - Distributed Multihead X tools
 xnest      - Nested X server
 xserver-common - common files used by various X servers
 xserver-xephyr - nested X server
 xserver-xfbdev - Linux framebuffer device tiny X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-dbg - Xorg - the X.Org X server (debugging symbols)
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xvfb       - Virtual Framebuffer 'fake' X server
Closes: 666468 685750 689246
Changes: 
 xorg-server (2:1.12.4-2) unstable; urgency=low
 .
   * Fix Xephyr command line option parsing (closes: #689246).  Thanks, Andrzej
     Pietrasiewicz!
   * Restore {in,out}{b,w,l} on ia64 (closes: #685750).  Thanks, Stephan
     Schreiber!
   * EXA: Fall back earlier and more thoroughly from exaGlyphs (closes:
     #666468).  Patch by Michel Dänzer stolen from upstream bugzilla.
Checksums-Sha1: 
 39bdb9f7b96fcec22b56797ba80ceb90fbe841aa 4095 xorg-server_1.12.4-2.dsc
 b98dfec1add259d9606cc415e5c21803def0813e 88877 xorg-server_1.12.4-2.diff.gz
 35cc27ec6236b86712c9bf136119054b7f531ec4 1395468 xserver-common_1.12.4-2_all.deb
 2ae7c8682e970ed6b3815e420467767f34226dcb 1761186 xserver-xorg-core_1.12.4-2_amd64.deb
 2096b8894566bfaeb99e9163e0fa0572fd8a7d0d 867068 xserver-xorg-core-udeb_1.12.4-2_amd64.udeb
 f8dfad09b85e2c408a3c906c8879e8fd3f3ce15f 319568 xserver-xorg-dev_1.12.4-2_amd64.deb
 4f367ca1928987998e8c088dc1816932bc8346aa 922404 xdmx_1.12.4-2_amd64.deb
 deaf92e2b076464ad3e2460d47bc62d0888fb35b 125010 xdmx-tools_1.12.4-2_amd64.deb
 a313d86029116e677aae23adc39868ab75ac30c4 820934 xnest_1.12.4-2_amd64.deb
 3380e13068322600dcf7dc89dee57795d2662abf 924594 xvfb_1.12.4-2_amd64.deb
 4eb1d140eecefe9f40c7a5a9c6c4fe15e757d25b 1017286 xserver-xephyr_1.12.4-2_amd64.deb
 7f2f126b1f5e2bd80e2cdd9f1c6cac85b275e1d1 939272 xserver-xfbdev_1.12.4-2_amd64.deb
 80eb0afe225d17147b16ada30a46d0d2a027fbf9 7290316 xserver-xorg-core-dbg_1.12.4-2_amd64.deb
Checksums-Sha256: 
 8c523adec82f279efd93ae1d8183e24a396f21a1ea5d4d613f119202dc15d39e 4095 xorg-server_1.12.4-2.dsc
 9dea49f2be35e56582b122df67b4560c9bc5268997f12b20183a5fa4b78f44fd 88877 xorg-server_1.12.4-2.diff.gz
 4baf42b8ad55b39d284b2071e690daeef4df1d18c97c4acf34534eefc8fc4d0d 1395468 xserver-common_1.12.4-2_all.deb
 e04af655a0457fa5a1e08ced00a9a96775206ac1716e18961a06eebc0f717ee6 1761186 xserver-xorg-core_1.12.4-2_amd64.deb
 4b5ec1069c7563bcc87c887d2fbfe31f0e5473a1a8b3a35eb8f0971cabe4da3a 867068 xserver-xorg-core-udeb_1.12.4-2_amd64.udeb
 8b722c02fa4edf67f91f5d73a6984b5e345fc1de09c996f3d3949c593bf3b084 319568 xserver-xorg-dev_1.12.4-2_amd64.deb
 7855070b7ce68bea5b1046c6c4163e0491773f82aab846641a8e9eff7fca6b4d 922404 xdmx_1.12.4-2_amd64.deb
 bc2e4e389150fc9f137c8cc5f6110bc1cd3973d0e3a4705e4f483f6bb42013fb 125010 xdmx-tools_1.12.4-2_amd64.deb
 85c3590e8118b92d520fee9c8ba8372a0fccd6c62cc75e1e5267239f3aaac9ef 820934 xnest_1.12.4-2_amd64.deb
 73bf634dcb2a8a321fecd52e887b754b70fdcf20044498795bbeec5804985a3e 924594 xvfb_1.12.4-2_amd64.deb
 d086e987e9d2a85b922764d351a87aa3eaacc1c8f90d03bb8c9f96af34d1ba0f 1017286 xserver-xephyr_1.12.4-2_amd64.deb
 728c9e6b7ba48347a48863d0f49459276d2a04a64858927690cd4de7de7f39b3 939272 xserver-xfbdev_1.12.4-2_amd64.deb
 4f1beafe6b078e00554a2d7c071d34dd1cf9b1bbab8ca84886e8dc2a7e07915a 7290316 xserver-xorg-core-dbg_1.12.4-2_amd64.deb
Files: 
 75134342871290680a86a886dee76e92 4095 x11 optional xorg-server_1.12.4-2.dsc
 b0a18f26581f50c467724c4ad3d8d7c0 88877 x11 optional xorg-server_1.12.4-2.diff.gz
 898fddab13814ea72342e5fe37a3e62a 1395468 x11 optional xserver-common_1.12.4-2_all.deb
 7f0eb7c3aea1cee607d27a0cdc80e724 1761186 x11 optional xserver-xorg-core_1.12.4-2_amd64.deb
 8cc9ce75923e09959f5cda8e67efcdbc 867068 debian-installer optional xserver-xorg-core-udeb_1.12.4-2_amd64.udeb
 4f63d2c648a710de814a67003d55fcc7 319568 x11 optional xserver-xorg-dev_1.12.4-2_amd64.deb
 dabc0638bcd7f8a1438674fb96672314 922404 x11 optional xdmx_1.12.4-2_amd64.deb
 07890b378e0b0fab9a58f1ba1f982417 125010 x11 optional xdmx-tools_1.12.4-2_amd64.deb
 f5bae05e8c31e951ee96e5d23ed39a72 820934 x11 optional xnest_1.12.4-2_amd64.deb
 2a5f875af244c58d974e47219121f6e5 924594 x11 optional xvfb_1.12.4-2_amd64.deb
 7aeb358c5292035ebfa0a9c3802370f4 1017286 x11 optional xserver-xephyr_1.12.4-2_amd64.deb
 a0476622a3976dd1fef26e02b4ee7fe1 939272 x11 optional xserver-xfbdev_1.12.4-2_amd64.deb
 38edc4da7ad2acf22465c746ce20078b 7290316 debug extra xserver-xorg-core-dbg_1.12.4-2_amd64.deb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJQlaxSAAoJEDEBgAUJBeQMVJYP/2VOSgIiPtfQEJHhhQTywlY+
eVPFV3IdkpPsGH9ea+ACDSXqumHfPQUPF81DIjm7QNKtkBKqZ7mskXqwxBVALLRB
5eV0PPghz95LMBNYsJGMGh5l0LTpAi+En9zLfmXEqHbTH14M2cFTCbiNf2oCDkyv
AsvEuLjMlRhBqo0s8+CVuOLqPU8tM0tAiE6GjFGri+Kh2XnFy5E+PjYHklo0l5fl
J4ho5vM1xs2k8vmpy4fi+TjPCXUTBttfiziLU/Zw5rFE0z+JYxJ3oWzCQKpGmH/H
/IZoBat6nq5KJrHtr/badcKV6NXO0557ZmdJRzjupD1myXI+rW57gYeZgKmrItMk
TIBOUEE71aJNIV3uxJg98qs9JhqZ/w7meIdaNiQ0YMKnj+JUrhFoWExUMvkjyn7Z
hC/4vrKVmijTYCJX1Fq/WAwWksEZo7y3gpWkdEgrFv8RuN4BrJAyswG6+WCsGN/q
CXz6v3U1jdVJp0PtiYcMs+PaBdn9e8VRITGbOtKZY6DGtWxasJkLgCc02SnNPctf
3wP+bJWH8OueSHqeEXX4TYMvsOr6iKvR1fShH+bXG7rFUxHv85SXwG6nn3W1vZbi
lVLoaysZt9rL7iwpE6FpoBuxqTHV9/1V1gY2KEf+ROyq/PB4jfFxarG1IH1a49vD
7fOyuftNryGHtUyC7Ed7
=yt+4
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 03 Dec 2012 07:27:41 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 08:07:27 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.