File U_auth-remove-AuthToIDFunc-and-associated-functions.-N.patch of Package xorg-x11-server.7379
From 2855f759b1e7bf7f5e57cac36c1f0d0e5ac1a683 Mon Sep 17 00:00:00 2001
From: Matthieu Herrb <matthieu@herrb.eu>
Date: Tue, 28 Feb 2017 19:18:56 +0100
Subject: [PATCH xserver] auth: remove AuthToIDFunc and associated functions.
Not used anymore.
And the current code for MitToId has a use-after-free() issue.
[Also remove the actual implementations - ajax]
Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
---
os/auth.c | 7 +++----
os/mitauth.c | 13 -------------
os/osdep.h | 6 ------
os/rpcauth.c | 6 ------
os/xdmauth.c | 27 ---------------------------
5 files changed, 3 insertions(+), 56 deletions(-)
Index: xorg-server-1.18.3/os/auth.c
===================================================================
--- xorg-server-1.18.3.orig/os/auth.c
+++ xorg-server-1.18.3/os/auth.c
@@ -55,7 +55,6 @@ struct protocol {
AuthAddCFunc Add; /* new authorization data */
AuthCheckFunc Check; /* verify client authorization data */
AuthRstCFunc Reset; /* delete all authorization data entries */
- AuthToIDFunc ToID; /* convert cookie to ID */
AuthFromIDFunc FromID; /* convert ID to cookie */
AuthRemCFunc Remove; /* remove a specific cookie */
#ifdef XCSECURITY
@@ -66,7 +65,7 @@ struct protocol {
static struct protocol protocols[] = {
{(unsigned short) 18, "MIT-MAGIC-COOKIE-1",
MitAddCookie, MitCheckCookie, MitResetCookie,
- MitToID, MitFromID, MitRemoveCookie,
+ MitFromID, MitRemoveCookie,
#ifdef XCSECURITY
MitGenerateCookie
#endif
@@ -74,7 +73,7 @@ static struct protocol protocols[] = {
#ifdef HASXDMAUTH
{(unsigned short) 19, "XDM-AUTHORIZATION-1",
XdmAddCookie, XdmCheckCookie, XdmResetCookie,
- XdmToID, XdmFromID, XdmRemoveCookie,
+ XdmFromID, XdmRemoveCookie,
#ifdef XCSECURITY
NULL
#endif
@@ -83,7 +82,7 @@ static struct protocol protocols[] = {
#ifdef SECURE_RPC
{(unsigned short) 9, "SUN-DES-1",
SecureRPCAdd, SecureRPCCheck, SecureRPCReset,
- SecureRPCToID, SecureRPCFromID, SecureRPCRemove,
+ SecureRPCFromID, SecureRPCRemove,
#ifdef XCSECURITY
NULL
#endif
Index: xorg-server-1.18.3/os/mitauth.c
===================================================================
--- xorg-server-1.18.3.orig/os/mitauth.c
+++ xorg-server-1.18.3/os/mitauth.c
@@ -97,19 +97,6 @@ MitResetCookie(void)
return 0;
}
-XID
-MitToID(unsigned short data_length, char *data)
-{
- struct auth *auth;
-
- for (auth = mit_auth; auth; auth = auth->next) {
- if (data_length == auth->len &&
- memcmp(data, auth->data, data_length) == 0)
- return auth->id;
- }
- return (XID) -1;
-}
-
int
MitFromID(XID id, unsigned short *data_lenp, char **datap)
{
Index: xorg-server-1.18.3/os/osdep.h
===================================================================
--- xorg-server-1.18.3.orig/os/osdep.h
+++ xorg-server-1.18.3/os/osdep.h
@@ -133,9 +133,6 @@ typedef int (*AuthRemCFunc) (AuthRemCArg
#define AuthRstCArgs void
typedef int (*AuthRstCFunc) (AuthRstCArgs);
-#define AuthToIDArgs unsigned short data_length, char *data
-typedef XID (*AuthToIDFunc) (AuthToIDArgs);
-
typedef void (*OsCloseFunc) (ClientPtr);
typedef int (*OsFlushFunc) (ClientPtr who, struct _osComm * oc, char *extraBuf,
@@ -200,7 +197,6 @@ extern void GenerateRandomData(int len,
/* in mitauth.c */
extern XID MitCheckCookie(AuthCheckArgs);
extern XID MitGenerateCookie(AuthGenCArgs);
-extern XID MitToID(AuthToIDArgs);
extern int MitAddCookie(AuthAddCArgs);
extern int MitFromID(AuthFromIDArgs);
extern int MitRemoveCookie(AuthRemCArgs);
@@ -209,7 +205,6 @@ extern int MitResetCookie(AuthRstCArgs);
/* in xdmauth.c */
#ifdef HASXDMAUTH
extern XID XdmCheckCookie(AuthCheckArgs);
-extern XID XdmToID(AuthToIDArgs);
extern int XdmAddCookie(AuthAddCArgs);
extern int XdmFromID(AuthFromIDArgs);
extern int XdmRemoveCookie(AuthRemCArgs);
@@ -220,7 +215,6 @@ extern int XdmResetCookie(AuthRstCArgs);
#ifdef SECURE_RPC
extern void SecureRPCInit(AuthInitArgs);
extern XID SecureRPCCheck(AuthCheckArgs);
-extern XID SecureRPCToID(AuthToIDArgs);
extern int SecureRPCAdd(AuthAddCArgs);
extern int SecureRPCFromID(AuthFromIDArgs);
extern int SecureRPCRemove(AuthRemCArgs);
Index: xorg-server-1.18.3/os/rpcauth.c
===================================================================
--- xorg-server-1.18.3.orig/os/rpcauth.c
+++ xorg-server-1.18.3/os/rpcauth.c
@@ -175,12 +175,6 @@ SecureRPCReset(void)
return 1;
}
-_X_HIDDEN XID
-SecureRPCToID(unsigned short data_length, char *data)
-{
- return rpc_id;
-}
-
_X_HIDDEN int
SecureRPCFromID(XID id, unsigned short *data_lenp, char **datap)
{
Index: xorg-server-1.18.3/os/xdmauth.c
===================================================================
--- xorg-server-1.18.3.orig/os/xdmauth.c
+++ xorg-server-1.18.3/os/xdmauth.c
@@ -411,33 +411,6 @@ XdmResetCookie(void)
return 1;
}
-XID
-XdmToID(unsigned short cookie_length, char *cookie)
-{
- XdmAuthorizationPtr auth;
- XdmClientAuthPtr client;
- unsigned char *plain;
-
- plain = malloc(cookie_length);
- if (!plain)
- return (XID) -1;
- for (auth = xdmAuth; auth; auth = auth->next) {
- XdmcpUnwrap((unsigned char *) cookie, (unsigned char *) &auth->key,
- plain, cookie_length);
- if ((client =
- XdmAuthorizationValidate(plain, cookie_length, &auth->rho, NULL,
- NULL)) != NULL) {
- free(client);
- free(cookie);
- free(plain);
- return auth->id;
- }
- }
- free(cookie);
- free(plain);
- return (XID) -1;
-}
-
int
XdmFromID(XID id, unsigned short *data_lenp, char **datap)
{
