File U_auth-remove-AuthToIDFunc-and-associated-functions.patch of Package xorg-x11-server.15942

Git-commit: 2855f759b1e7bf7f5e57cac36c1f0d0e5ac1a683
Patch-mainline: Upstream
Author: Matthieu Herrb <matthieu@herrb.eu>
Subject: auth: remove AuthToIDFunc and associated functions. Not used anymore.
References: bnc#1025035
Signed-off-by: Michal Srb <msrb@suse.com>

And the current code for MitToId has a use-after-free() issue.

[Also remove the actual implementations - ajax]

Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>

diff --git a/os/auth.c b/os/auth.c
index 81164a2f5..41b625db5 100644
--- a/os/auth.c
+++ b/os/auth.c
@@ -55,7 +55,6 @@ struct protocol {
     AuthAddCFunc Add;           /* new authorization data */
     AuthCheckFunc Check;        /* verify client authorization data */
     AuthRstCFunc Reset;         /* delete all authorization data entries */
-    AuthToIDFunc ToID;          /* convert cookie to ID */
     AuthFromIDFunc FromID;      /* convert ID to cookie */
     AuthRemCFunc Remove;        /* remove a specific cookie */
 #ifdef XCSECURITY
@@ -66,7 +65,7 @@ struct protocol {
 static struct protocol protocols[] = {
     {(unsigned short) 18, "MIT-MAGIC-COOKIE-1",
      MitAddCookie, MitCheckCookie, MitResetCookie,
-     MitToID, MitFromID, MitRemoveCookie,
+     MitFromID, MitRemoveCookie,
 #ifdef XCSECURITY
      MitGenerateCookie
 #endif
@@ -74,7 +73,7 @@ static struct protocol protocols[] = {
 #ifdef HASXDMAUTH
     {(unsigned short) 19, "XDM-AUTHORIZATION-1",
      XdmAddCookie, XdmCheckCookie, XdmResetCookie,
-     XdmToID, XdmFromID, XdmRemoveCookie,
+     XdmFromID, XdmRemoveCookie,
 #ifdef XCSECURITY
      NULL
 #endif
@@ -83,7 +82,7 @@ static struct protocol protocols[] = {
 #ifdef SECURE_RPC
     {(unsigned short) 9, "SUN-DES-1",
      SecureRPCAdd, SecureRPCCheck, SecureRPCReset,
-     SecureRPCToID, SecureRPCFromID, SecureRPCRemove,
+     SecureRPCFromID, SecureRPCRemove,
 #ifdef XCSECURITY
      NULL
 #endif
diff --git a/os/mitauth.c b/os/mitauth.c
index efae4404c..e75d700e1 100644
--- a/os/mitauth.c
+++ b/os/mitauth.c
@@ -97,19 +97,6 @@ MitResetCookie(void)
     return 0;
 }
 
-XID
-MitToID(unsigned short data_length, char *data)
-{
-    struct auth *auth;
-
-    for (auth = mit_auth; auth; auth = auth->next) {
-        if (data_length == auth->len &&
-            memcmp(data, auth->data, data_length) == 0)
-            return auth->id;
-    }
-    return (XID) -1;
-}
-
 int
 MitFromID(XID id, unsigned short *data_lenp, char **datap)
 {
diff --git a/os/osdep.h b/os/osdep.h
index 90a247fab..a0d57b8db 100644
--- a/os/osdep.h
+++ b/os/osdep.h
@@ -113,9 +113,6 @@ typedef int (*AuthRemCFunc) (AuthRemCArgs);
 #define AuthRstCArgs void
 typedef int (*AuthRstCFunc) (AuthRstCArgs);
 
-#define AuthToIDArgs unsigned short data_length, char *data
-typedef XID (*AuthToIDFunc) (AuthToIDArgs);
-
 typedef void (*OsCloseFunc) (ClientPtr);
 
 typedef int (*OsFlushFunc) (ClientPtr who, struct _osComm * oc, char *extraBuf,
@@ -185,7 +182,6 @@ extern void GenerateRandomData(int len, char *buf);
 /* in mitauth.c */
 extern XID MitCheckCookie(AuthCheckArgs);
 extern XID MitGenerateCookie(AuthGenCArgs);
-extern XID MitToID(AuthToIDArgs);
 extern int MitAddCookie(AuthAddCArgs);
 extern int MitFromID(AuthFromIDArgs);
 extern int MitRemoveCookie(AuthRemCArgs);
@@ -194,7 +190,6 @@ extern int MitResetCookie(AuthRstCArgs);
 /* in xdmauth.c */
 #ifdef HASXDMAUTH
 extern XID XdmCheckCookie(AuthCheckArgs);
-extern XID XdmToID(AuthToIDArgs);
 extern int XdmAddCookie(AuthAddCArgs);
 extern int XdmFromID(AuthFromIDArgs);
 extern int XdmRemoveCookie(AuthRemCArgs);
@@ -205,7 +200,6 @@ extern int XdmResetCookie(AuthRstCArgs);
 #ifdef SECURE_RPC
 extern void SecureRPCInit(AuthInitArgs);
 extern XID SecureRPCCheck(AuthCheckArgs);
-extern XID SecureRPCToID(AuthToIDArgs);
 extern int SecureRPCAdd(AuthAddCArgs);
 extern int SecureRPCFromID(AuthFromIDArgs);
 extern int SecureRPCRemove(AuthRemCArgs);
diff --git a/os/rpcauth.c b/os/rpcauth.c
index 5680489f7..33260db72 100644
--- a/os/rpcauth.c
+++ b/os/rpcauth.c
@@ -175,12 +175,6 @@ SecureRPCReset(void)
     return 1;
 }
 
-_X_HIDDEN XID
-SecureRPCToID(unsigned short data_length, char *data)
-{
-    return rpc_id;
-}
-
 _X_HIDDEN int
 SecureRPCFromID(XID id, unsigned short *data_lenp, char **datap)
 {
diff --git a/os/xdmauth.c b/os/xdmauth.c
index cb2e39e12..c35cade5b 100644
--- a/os/xdmauth.c
+++ b/os/xdmauth.c
@@ -411,33 +411,6 @@ XdmResetCookie(void)
     return 1;
 }
 
-XID
-XdmToID(unsigned short cookie_length, char *cookie)
-{
-    XdmAuthorizationPtr auth;
-    XdmClientAuthPtr client;
-    unsigned char *plain;
-
-    plain = malloc(cookie_length);
-    if (!plain)
-        return (XID) -1;
-    for (auth = xdmAuth; auth; auth = auth->next) {
-        XdmcpUnwrap((unsigned char *) cookie, (unsigned char *) &auth->key,
-                    plain, cookie_length);
-        if ((client =
-             XdmAuthorizationValidate(plain, cookie_length, &auth->rho, NULL,
-                                      NULL)) != NULL) {
-            free(client);
-            free(cookie);
-            free(plain);
-            return auth->id;
-        }
-    }
-    free(cookie);
-    free(plain);
-    return (XID) -1;
-}
-
 int
 XdmFromID(XID id, unsigned short *data_lenp, char **datap)
 {