Two important patches fixing deadlocks when using XIPassiveGrab requests.
You're recommended to updated.
Note that we now require libX11 1.6, that's a new dependency over 1.7.2 but
it's over a year old by now anyway.
Jasper St. Pierre (2):
XIPassiveGrab: Fix display locking inside _XIPassiveGrabDevice for error paths
XIPassiveGrab: Fix completely broken locking in XIGrabTouchBegin
Keith Packard (1):
man: Update XIQueryVersion docs to match new version compatibility semantics
Michael Joost (1):
Remove fallback for _XEatDataWords, require libX11 1.6 for it
Peter Hutterer (1):
libXi 1.7.3
version is older than required version).
Set API_DEPENDS for required package for the case using libXi from pkgsrc,
same as specified to build this package.
Changes in 1.7.2:
Only one minor change since the RC. Again, this release contains the fixes
for CVE-2013-1998, CVE-2013-1984 and CVE-2013-1995 so you're encouraged to
update.
Peter Hutterer (1):
libXi 1.7.2
Thomas Klausner (1):
Remove check that can never be true.
Changses in 1.7.1.901:
First and likely only RC for libXi 1.7.2. This one has a bunch of changes
for CVE-2013-1998, CVE-2013-1984 and CVE-2013-1995. These relate to various
integer overflows and other corruption that happens if we trust the server
a bit too much on the data we're being sent.
On top of those fixes, the sequence number in XI2 events is now set
propertly too (#64687).
Please test, if you find any issues let me know.
Alan Coopersmith (14):
Expand comment on the memory vs. reply ordering in XIGetSelectedEvents()
Use _XEatDataWords to avoid overflow of rep.length bit shifting
Stack buffer overflow in XGetDeviceButtonMapping() [CVE-2013-1998 1/3]
memory corruption in _XIPassiveGrabDevice() [CVE-2013-1998 2/3]
unvalidated lengths in XQueryDeviceState() [CVE-2013-1998 3/3]
integer overflow in XGetDeviceControl() [CVE-2013-1984 1/8]
integer overflow in XGetFeedbackControl() [CVE-2013-1984 2/8]
integer overflow in XGetDeviceDontPropagateList() [CVE-2013-1984 3/8]
integer overflow in XGetDeviceMotionEvents() [CVE-2013-1984 4/8]
integer overflow in XIGetProperty() [CVE-2013-1984 5/8]
integer overflow in XIGetSelectedEvents() [CVE-2013-1984 6/8]
Avoid integer overflow in XGetDeviceProperties() [CVE-2013-1984 7/8]
Avoid integer overflow in XListInputDevices() [CVE-2013-1984 8/8]
sign extension issue in XListInputDevices() [CVE-2013-1995]
Peter Hutterer (7):
Copy the sequence number into the target event too (#64687)
Don't overwrite the cookies serial number
Fix potential corruption in mask_len handling
Change size += to size = in XGetDeviceControl
If the XGetDeviceDontPropagateList reply has an invalid length, return 0
Include limits.h to prevent build error: missing INT_MAX
libXi 1.7.1.901
Only a single fix: including the XFixes header to get the typedef for
PointerBarrier. Naturally, this adds a pkgconfig build-time dependency on
XFixes.
Why? The header shipped with 1.7 typedef'd PointerBarrier. If you #include
both XI and Xfixes headers, you will end up with a duplicate typedef.
This is not an issue on gcc >= 4.6 since the two typedef's are the same.
On earlier versions this will trigger an error. gcc 4.6 -pedantic-errors
will trigger the same error.
Peter Hutterer (2):
Require XFixes for PointerBarrier, remove duplicate typedef libXi 1.7.1
gcc 4.6 won't complain about that, but earlier versions do:
http://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=ce3765bf44e49ef0568a1ad4a0b7f807591d6412
gcc 4.6 with -pedantic-errors shows:
/opt/xorg/include/X11/extensions/XInput2.h:172:13: error: redefinition of
typedef ‘PointerBarrier’ [-pedantic]
In file included from test.c:1:0:
/opt/xorg/include/X11/extensions/Xfixes.h:255:13: note: previous declaration
of ‘PointerBarrier’ was here
PointerBarriers is defined in XFixes.h and here. So hook onto the only thing
we can in Xfixes.h and use that to figure out if we need to typedef
ourselves. XFIXES_MAJOR is defined in xfixeswire.h, so we can't hook onto it
directly.
Adding this ifdef here means we have include order dependency of XFixes.h
before XInput2.h unless we add a similar ifdef to the fixes headers.
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
---
Nasty, but can't think of a better way atm.
The feature added in this revision is pointer barrier events and releases.
Pointer barriers themselves are an XFixes 5 feature, XI 2.3 adds two
disctinct features to barriers:
* the ability for clients to get notified if pointer movement is restricted
by a barrier
* the ability for clients to allow a pointer to move through a barrier after
it was constrained by the barrier
For a more verbose explanation of these features please refer to:
http://who-t.blogspot.com.au/2012/12/whats-new-in-xi-23-pointer-barrier.html
Two man page fixes and a fix to enable generic event copying for raw touch
events (using in e.g. XPeekEvent())
Benjamin Tissoires (1):
Add missing XI_RawTouch* in XInputCopyCookie
Peter Hutterer (3):
man: fix formatting issues in XGetDeviceControl(3)
man: add generation of missing man pages for XIGrabTouchBegin
libXi 1.6.2
1.6.1:
Major bugs fixed:
- wrong button and mask copy (doesn't just affect OS X, despite the commit
log)
- raw event sourceid is now set
Chase Douglas (1):
Destroy extension record after last display is removed
Peter Hutterer (5):
Fix wrong button label and mask copy on OS X
Move version comparison into a helper function.
Set the RawEvent sourceid (#34240)
man: update XIQueryVersion for current server behaviour
libXi 1.6.1
1.6.0:
The main fix that libXi 1.6 brings is support for XI 2.2 multitouch events
and the matching protocol changes.
Chase Douglas (1):
Fix XIScrollClass increment value on 32-bit machines
Cyril Brulebois (1):
configure.ac: Fix a typo in comments.
Michał Masłowski (1):
Fix bus error on MIPS N32 for bug #38331.
Peter Hutterer (8):
Bump to 1.5.99.1
Implement support for XI 2.2
libXi 1.5.99.2
man: fix typo Mappiing → Mapping
Force class alignment to a multiple of sizeof(XID).
Handle new XIAllowEvent request size
libXi 1.5.99.3
libXi 1.6.0
1.5.0:
libXi 1.5.0 is an interim version of libXi that includes the smooth
scrolling support that XI 2.1 brings. Note that no servers released by X.Org
currently supports smooth scrolling, this feature is still limited to the
1.12 development versions.
In addition to the smooth scrolling support, this release brings a number of
cleanups, bugfixes (most of which were on 1.4.5) and a set of man page
improvements.
Alan Coopersmith (3):
Move Xinput server API documentation from libXi to xserver
Fix the FIXME output in man page .TH macros generated by asciidoc
Make shadow man pages generated by asciidoc work with Solaris man
Gaetan Nadon (13):
Documentation: add Docbook external references support
make: remove unneeded AM_V_GEN silent rule directive.
make: use AM_V_at rather than AM_V_GEN to prefix the mv command
Install target dbs alongside generated documents
Install xml versions of specs even if HAVE_XMLTO is false
docbook.am: global maintenance update - entities, images and olinking
docbook.am: embed css styles inside the HTML HEAD element
docs: remove <productnumber> which is not used by default
docs: use the &fullrelvers; entity to set X11 release information
inputlib: fix copyright statements
inputlib: prefix 1.0 with the word Version
inputlib: restore original title "X Input Device Extension Library"
specs: refactor and complete copyright legal text
Jeremy Huddleston (1):
Use AM_CPPFLAGS to use in tree headers before installed headers
Matt Dew (2):
Add id attributes to funcsynopsis to allow other docs to olink to them.
1 - fix the capitalization of the ID attriutes to match either the
Matthieu Herrb (1):
Fix XISelectEvents on 64 bits, strict alignement architectures.
Peter Hutterer (34):
Allocate enough memory for raw events + extra data.
XIChangeHierarchy: Return Success early if no actual changes are
requested.
Remove a few unused assignments.
man: fix typo, layout in XGetExtensionVersion.man
Silence compiler warning in XListDProp.c
Silence compiler warning due to differnent event conversion procs
man: fix missing comma in XIGrabEnter man page
Use Data, not Data32 in XIPassiveGrabDevice
man: Fix wrong event names in XIGrabButton.
man: Fix typo in XIChangeProperty
Bump to 1.4.99
man: Fix formatting in XGetFeedbackControl
Add XI2 library-internal array offsets to XIint.h
Don't use the protocol defines for 2.0 versioning.
Handle unknown device classes.
man: fix typo in XIQueryDevice man page
man: update property and grab man pages for new constants
Handle unknown device classes.
man: fix typo in XIQueryDevice man page
man: update property and grab man pages for new constants
Require inputproto 2.0.99.1 or later
Support XI 2.1 internally
Support XI 2.1 XIScrollClass
Use a separate nclasses variable in XIQueryDevice
Remove superfluous assignment of lib->classes in XIQueryDevices.
Bump to 1.4.99.1
man: fix #include for XIGrabButton
man: XIGrabButton returns error codes, not status codes
man: passive grabs return the number of failed modifier combinations
Fix duplicate sizeof in copy_classes
Stop unnecessary calls to size_classes
Include config.h from source files
man: minor formatting fix in XIGrabButton
libXi 1.5.0
1.4.5:
libXi 1.4.4 caused requests to fail if the library was built against 2.1 or
2.2 protocol headers.
Instead of requiring 2.0 for XI2 requests, the library required the protocol
version (2.1 or 2.2 depending on the proto) and failed if the server did not
support that version. This again caused virtually all XI2 requests to fail
if you didn't happen to run an X server from git.
The patch below hardcodes 2.0 for those requests that require 2.0,
regardless of the protocol version. You are strongly enocuraged to update.
This issue is not visible when built against inputproto 2.0.x
Peter Hutterer (2):
Don't use the protocol defines for 2.0 versioning.
libXi 1.4.5
1.4.4:
libXi 1.4.4 comes with two memory fixes that can cause crashes in clients.
Commit "Handle unknown device classes" can only be triggered when libXi
1.4.x runs against the git X server. If the XIQueryDevice() reply contained
classes unknown to libXi, we didn't allocate memory for these classes and
ended up overwriting valid ones.
Commit "Fix duplicate sizeof in copy_classes" fixes a typo, instead of
malloc(X * sizeof(Y)) the code called malloc(sizeof(X * sizeof(Y))). This
could lead to memory corruption.
Peter Hutterer (8):
man: Fix formatting in XGetFeedbackControl
man: fix typo in XIQueryDevice man page
Handle unknown device classes.
man: fix #include for XIGrabButton
man: XIGrabButton returns error codes, not status codes
man: passive grabs return the number of failed modifier combinations
Fix duplicate sizeof in copy_classes
libXi 1.4.4
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
libXi 1.2.1.
Fixes a potential memory overflow in XGetDeviceControl.
Alan Coopersmith (1):
Add README with pointers to mailing list, bugzilla & git repos
Paulo Cesar Pereira de Andrade (1):
Return NULL on error, and match LockDisplay with UnlockDisplay.
Peter Hutterer (3):
XGetDeviceControl: Add a missing break leading to wrong length calculation.
XGetDeviceControl: size the libXi structs, not the wire structs (#20293)
libXi 1.2.1
Following the inputproto 1.5 release adding input device properties,
here's the matching client-side libraries.
Peter Hutterer (4):
Bump to 1.1.99.2.
Add XI_JOYSTICK to list of defined types.
Add support for XI 1.5 device properties.
libXi 1.2.0
(pkgsrc already contained the Coverity and GetDeviceControl patches)
Alan Coopersmith (1):
Coverity #743/744: Returned without freeing storage bufp/savp
Matthieu Herrb (1):
nuke RCS Ids
Peter Hutterer (2):
GetDeviceControl: calculate the length field correctly.
libXi 1.1.4
The most important feature of this release is a set of locking fixes,
which unbreak this library for threaded apps. The lock issues were
exposed by libxcb.
-- XChangeDeviceControl: Fix completely broken locking
-- XSetDeviceFocus: Add missing extension check
-- XGetSelectedExtensionEvents: Still more locking bugs
-- Bug #9659: Bad markup on XListInputDevices.3x
1.0.0 -> 1.0.1: non-functional
1.0.1 -> 1.0.2: don't call XInput_find_display with the Display lock
held, saves time as well
1.0.2 -> 1.1.0: use interface for device presense notification.
This package contains the Xi extension. This is the X Input extension
library.
This is part of the X Libraries and Protocol Headers Project at
freedesktop.org.