# HG changeset patch
# User Niveditha Rau <Niveditha.Rau@Oracle.COM>
# Date 1429887944 25200
# Node ID 34b08166bf33dcd6d4aa3e1a5f5fbbeb07ede792
# Parent  883f5061560c54f19cee05480a3dfaadbdc8b7a4
19811326 problem in X11/VNC
20738319 Refactor gtf(1) out of the primary X server package

diff -r 883f5061560c -r 34b08166bf33 open-src/xserver/xorg/Makefile
--- a/open-src/xserver/xorg/Makefile	Wed Apr 15 12:39:55 2015 -0700
+++ b/open-src/xserver/xorg/Makefile	Fri Apr 24 08:05:44 2015 -0700
@@ -115,6 +115,8 @@
 SUNTOUCH_MAN_FLAGS_Xvfb = -o '{Availability, $(MODULE_PKGNAME:%xorg=%xvfb)}'
 SUNTOUCH_MAN_FLAGS_Xdmx = -o '{Availability, $(MODULE_PKGNAME:%xorg=%xdmx)}'
 SUNTOUCH_MAN_FLAGS_Xserver = -o '{Availability, $(MODULE_PKGNAME:%xorg=%xserver-common)}'
+SUNTOUCH_MAN_FLAGS_cvt = -o '{Availability, x11/modeline-utilities}'
+SUNTOUCH_MAN_FLAGS_gtf = -o '{Availability, x11/modeline-utilities}'
 SUNTOUCH_MAN_FLAGS_xdmxconfig = $(SUNTOUCH_MAN_FLAGS_Xdmx)
 SUNTOUCH_MAN_FLAGS_vdltodmx = $(SUNTOUCH_MAN_FLAGS_Xdmx)
 SUNTOUCH_MAN_FLAGS_dmxtodmx = $(SUNTOUCH_MAN_FLAGS_Xdmx)
@@ -296,12 +298,14 @@
 XVFB_PKG_METADATA_DIR =	  $(MODULE_PKG_METADATA_DIR:%-xorg=%-xvfb)
 XDMX_PKG_METADATA_DIR =	  $(MODULE_PKG_METADATA_DIR:%-xorg=%-xdmx)
 XTSOL_PKG_METADATA_DIR =  $(MODULE_PKG_METADATA_DIR:%-server-xorg=%-trusted-trusted-xorg)
+MODES_PKG_METADATA_DIR = $(MODULE_PKG_METADATA_DIR:%-server-xorg=%-modeline-utilities)
 
 EXTRA_METADATA_DIRS =	$(XCOMMON_PKG_METADATA_DIR) \
 			$(XEPHYR_PKG_METADATA_DIR) \
 			$(XVFB_PKG_METADATA_DIR) \
 			$(XDMX_PKG_METADATA_DIR) \
-			$(XTSOL_PKG_METADATA_DIR)
+			$(XTSOL_PKG_METADATA_DIR) \
+			$(MODES_PKG_METADATA_DIR)
 
 EXTRA_ATTRDATA_FILES = $(EXTRA_METADATA_DIRS:%=%/$(ATTRDATA_FILE_NAME))
 EXTRA_LICENSE_FILES =  $(EXTRA_METADATA_DIRS:%=%/$(LICENSE_FILE_NAME))
diff -r 883f5061560c -r 34b08166bf33 open-src/xserver/xvnc/CVE-2014-8240.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/open-src/xserver/xvnc/CVE-2014-8240.patch	Fri Apr 24 08:05:44 2015 -0700
@@ -0,0 +1,34 @@
+--- a/unix/x0vncserver/Image.cxx	Wed Oct 22 10:30:27 2014
++++ b/unix/x0vncserver/Image.cxx	Wed Oct 22 10:46:12 2014
+@@ -79,6 +79,13 @@
+ 
+   xim = XCreateImage(dpy, vis, DefaultDepth(dpy, DefaultScreen(dpy)),
+                      ZPixmap, 0, 0, width, height, BitmapPad(dpy), 0);
++  if (xim->bytes_per_line <= 0 ||
++      xim->height <= 0 ||
++      xim->height >= INT_MAX / xim->bytes_per_line) {
++    vlog.error("Invalid display size");
++    XDestroyImage(xim);
++    exit(1);
++  }
+ 
+   xim->data = (char *)malloc(xim->bytes_per_line * xim->height);
+   if (xim->data == NULL) {
+@@ -256,6 +263,17 @@
+     return;
+   }
+ 
++  if (xim->bytes_per_line <= 0 ||
++      xim->height <= 0 ||
++      xim->height >= INT_MAX / xim->bytes_per_line) {
++    vlog.error("Invalid display size");
++    XDestroyImage(xim);
++    xim = NULL;
++    delete shminfo;
++    shminfo = NULL;
++    return; 
++  }
++
+   shminfo->shmid = shmget(IPC_PRIVATE,
+                           xim->bytes_per_line * xim->height,
+                           IPC_CREAT|0777);
diff -r 883f5061560c -r 34b08166bf33 open-src/xserver/xvnc/Makefile
--- a/open-src/xserver/xvnc/Makefile	Wed Apr 15 12:39:55 2015 -0700
+++ b/open-src/xserver/xvnc/Makefile	Fri Apr 24 08:05:44 2015 -0700
@@ -80,6 +80,7 @@
 SOURCE_PATCHES += solaris-port.patch,-p1
 SOURCE_PATCHES += solaris-audit.patch,-p1
 SOURCE_PATCHES += 17950657.patch,-p1
+SOURCE_PATCHES += CVE-2014-8240.patch,-p1
 
 # Need to regenerate autoconf/automake files after patching
 AUTORECONF=yes
diff -r 883f5061560c -r 34b08166bf33 pkg/manifests/x11-modeline-utilities.p5m
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/pkg/manifests/x11-modeline-utilities.p5m	Fri Apr 24 08:05:44 2015 -0700
@@ -0,0 +1,29 @@
+# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice (including the next
+# paragraph) shall be included in all copies or substantial portions of the
+# Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+# DEALINGS IN THE SOFTWARE.
+#
+set name=pkg.fmri value=pkg:/x11/modeline-utilities@__version:xorg-server__
+set name=pkg.summary value="Utilities for generating modelines"
+set name=pkg.description \
+    value="This a collection of small utilities for calculating Coordinated Video Timing (CVT) and Generalized Timing Formula (GTF) VESA mode lines.  They provide output suitable for use with the Xorg xorg.conf(4) configuration file."
+file path=usr/bin/cvt
+file path=usr/bin/gtf
+file path=usr/share/man/man1/cvt.1
+file path=usr/share/man/man1/gtf.1
diff -r 883f5061560c -r 34b08166bf33 pkg/manifests/x11-server-xorg.p5m
--- a/pkg/manifests/x11-server-xorg.p5m	Wed Apr 15 12:39:55 2015 -0700
+++ b/pkg/manifests/x11-server-xorg.p5m	Fri Apr 24 08:05:44 2015 -0700
@@ -1,4 +1,4 @@
-# Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2010, 2015, Oracle and/or its affiliates. All rights reserved.
 #
 # Permission is hereby granted, free of charge, to any person obtaining a
 # copy of this software and associated documentation files (the "Software"),
@@ -38,8 +38,6 @@
 # On SPARC, Xorg only requires setuid root in order to create the
 # Xorg.*.log file in /var/log
 file path=usr/bin/Xorg owner=root mode=4555
-file path=usr/bin/cvt
-file path=usr/bin/gtf
 dir  path=usr/include/xorg
 file path=usr/include/xorg/BT.h
 file path=usr/include/xorg/IBM.h
@@ -246,8 +244,6 @@
     path=usr/share/doc/release-notes/x11:server:xorg:driver:xorg-video-trident-1.txt \
     release-note=pkg:/x11/server/xorg/driver/xorg-video-trident@1.3.6,5.11-0.175.2.0.0.22.0
 file path=usr/share/man/man1/Xorg.1
-file path=usr/share/man/man1/cvt.1
-file path=usr/share/man/man1/gtf.1
 file path=usr/share/man/man1/xorgcfg.1
 file path=usr/share/man/man1/xorgconfig.1
 file path=usr/share/man/man4/xorg.conf.4
@@ -261,6 +257,10 @@
     desc="X Window System server based on X.Org Foundation open source release" \
     name="X.Org Foundation Xserver"
 
+# cvt and gtf were part of the Xorg pkg - moving them to a different pkg
+# as per 20738319
+depend type=group fmri=pkg:/x11/modeline-utilities
+
 # keyboard & mouse drivers used to be part of this package, so we preserve
 # the dependency to ensure they're not lost on upgrade, and normally installed
 # on fresh install, but make it a group dependency, so that users can choose