Do not override realloc's input pointer before checking for errors,
otherwise it's not possible to keep old value, as intended.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
If cursor files require more than INT_MAX bytes, it is possible to
trigger out of boundary writes.
Since these sizes are most likely not desired anyway, gracefully
handle these situations like out of memory errors.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
If the full path could not be constructed, avoid calling opendir(NULL)
which, depending on library, might trigger undefined behavior.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
If an index.theme contains a theme name which gets close to INT_MAX,
then creation of full path can lead to a signed integer overflow,
which is undefined behavior.
Fix this by turning one of the values to size_t. Easy solution for a
probably never occurring issue.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
From cleanup commit 0cecde304:
assert()s can be compiled away by #defining NDEBUG. Some build systems
do this. Using wl_abort gives a human readable error message and it
isn't compiled away.
That commit missed one final assert, presumably due to missing it with
grep because of a coding style issue. Fix that up, and remove inclusion
of <assert.h> as appropriate.
Signed-off-by: Derek Foreman <derek.foreman@collabora.com>
As of currently, when an xcursor theme depends on itself or another theme
that will eventually depend on it, `xcursor_load_theme` will recurse
infinitely while processing the inherits.
This change introduces a stack-allocated linked list of visited nodes
by name, and skips any already visited nodes in the inherit list.
Side effects:
* Since the linked list is stack-allocated, there is a potential for an
overflow if there is a very long list of dependencies. If this turns out
to be a legitimate concern, the linked list is trivial to convert to
being heap-allocated.
* There is an existing linked list (technically doubly linked list)
implementation in the wayland codebase. As of currently, the xcursor
codebase does not refer to it. Consequently, this change writes a
minimal single linked list implementation to utilize directly.
This changeset fixes#317.
Signed-off-by: Chloé Vulquin <toast@bunkerlabs.net>
Effective from Linux 6.3 onward, this creates the memfd without execute
permissions and prevents that setting from ever being changed. A
run-time fallback is made to not using MFD_NOEXEC_SEAL when a
libwayland-cursor compiled on Linux >= 6.3 is run on Linux < 6.3.
This is a defense-in-depth security measure and silences a respective
kernel warning; see: https://lwn.net/Articles/918106/
This implementation is adopted from dnkl's `foot` terminal emulator.
Signed-off-by: 6t8k <6t8k@noreply.codeberg.org>
The cursor name spec [1] describes how cursors should be named,
and is widely used. Add aliases so that users can pass these
names to libwayland-cursor without having to add fallbacks for
X11 cursor names.
[1]: https://www.freedesktop.org/wiki/Specifications/cursor-spec/
Signed-off-by: Simon Ser <contact@emersion.fr>
There was a mismatch here.
Use a good-looking function param name because that's what will
show up in docs. Use an abbreviation inside the function.
Fixes the following warnings:
cursor/wayland-cursor.c:504: warning: argument 'cursor' of command @param is not found in the argument list of wl_cursor_frame(struct wl_cursor *_cursor, uint32_t time)
cursor/wayland-cursor.c:504: warning: The following parameter of wl_cursor_frame(struct wl_cursor *_cursor, uint32_t time) is not documented:
parameter '_cursor'
cursor/wayland-cursor.c:452: warning: argument 'cursor' of command @param is not found in the argument list of wl_cursor_frame_and_duration(struct wl_cursor *_cursor, uint32_t time, uint32_t *duration)
cursor/wayland-cursor.c:452: warning: The following parameter of wl_cursor_frame_and_duration(struct wl_cursor *_cursor, uint32_t time, uint32_t *duration) is not documented:
parameter '_cursor'
cursor/wayland-cursor.c:147: warning: argument 'image' of command @param is not found in the argument list of wl_cursor_image_get_buffer(struct wl_cursor_image *_img)
cursor/wayland-cursor.c:147: warning: The following parameter of wl_cursor_image_get_buffer(struct wl_cursor_image *_img) is not documented:
parameter '_img'
cursor/wayland-cursor.c:504: warning: argument 'cursor' of command @param is not found in the argument list of wl_cursor_frame(struct wl_cursor *_cursor, uint32_t time)
cursor/wayland-cursor.c:504: warning: The following parameter of wl_cursor_frame(struct wl_cursor *_cursor, uint32_t time) is not documented:
parameter '_cursor'
cursor/wayland-cursor.c:452: warning: argument 'cursor' of command @param is not found in the argument list of wl_cursor_frame_and_duration(struct wl_cursor *_cursor, uint32_t time, uint32_t *duration)
cursor/wayland-cursor.c:452: warning: The following parameter of wl_cursor_frame_and_duration(struct wl_cursor *_cursor, uint32_t time, uint32_t *duration) is not documented:
parameter '_cursor'
cursor/wayland-cursor.c:147: warning: argument 'image' of command @param is not found in the argument list of wl_cursor_image_get_buffer(struct wl_cursor_image *_img)
cursor/wayland-cursor.c:147: warning: The following parameter of wl_cursor_image_get_buffer(struct wl_cursor_image *_img) is not documented:
parameter '_img'
Signed-off-by: Simon Ser <contact@emersion.fr>
If os_resize_anonymous_file() called from os_create_anonymous_file()
fails with EINTR (Interrupted system call), then the buffer allocation
fails.
To avoid that, retry posix_fallocate() on EINTR.
However, in the presence of an alarm, the interrupt may trigger
repeatedly and prevent a large posix_fallocate() to ever complete
successfully, so we need to first block SIGALRM to prevent this.
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
The [spec][1] reads:
> All paths set in these environment variables must be absolute. If an
> implementation encounters a relative path in any of these variables it should
> consider the path invalid and ignore it.
and
> If $XDG_DATA_HOME is either not set or empty, a default equal to
> $HOME/.local/share should be used.
Testing that the path is absolute also entails that is is non-empty.
[1]: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
Signed-off-by: Antonin Décimo <antonin.decimo@gmail.com>
- Use early returns
- De-duplicate XDG_DATA_HOME code-paths
- Don't crash on allocation failure
- Use size_t when appropriate
- Fix indentation
Signed-off-by: Simon Ser <contact@emersion.fr>
We don't ever need to set the name multiple times for a single
struct xcursor_images, so we can just set the field directly. Also
replace the hand-rolled logic with strdup.
Signed-off-by: Simon Ser <contact@emersion.fr>
Improves readability since there's no need for so many parentheses
anymore, adds type safety. The compiler will inline the function
automatically as necessary.
Signed-off-by: Simon Ser <contact@emersion.fr>
XcursorLibraryLoadImages() function is unused and not exported according to
objdump, so its removal should be an ABI compatible change.
Signed-off-by: Vlad Zahorodnii <vlad.zahorodnii@kde.org>
Currently libwayland assumes GNU extensions will be available, but
doesn't define the C standard to use. Instead, let's unconditionally
enable POSIX extensions, and enable GNU extensions on a case-by-case
basis as needed.
Signed-off-by: Simon Ser <contact@emersion.fr>
Make it easier to use Wayland as a Meson subproject by overriding
dependencies we define. This allows to easily build Wayland as a
subproject like so:
subproject('wayland', required: false, default_options: ['documentation=false'])
After this statement, the wayland-* dependencies will use the subproject
instead of the system if available.
Signed-off-by: Simon Ser <contact@emersion.fr>
The ABI of a shared library on Linux is given by a major version, which
is part of the SONAME and is incremented (rarely) on incompatible
changes, and a minor version, which is part of the basename of the
regular file to which the SONAME provides a symlink.
Until now, the ABI minor version was hard-coded, which means we can't
tell which of a pair of Wayland libraries is newer (and therefore
likely to have more symbols and/or fewer bugs).
libwayland-egl already had ABI major version 1, so we can use the
"marketing" version number as the ABI major.minor version number
directly, so Wayland 1.19.90 would produce
libwayland-egl.so.1 -> libwayland-egl.so.1.19.90.
libwayland-cursor and libwayland-server have ABI major version 0,
and OS distributions don't like it when there's a SONAME bump for no
good reason, so use their existing ABI major version together with
the "marketing" minor version:
libwayland-cursor.so.0 -> libwayland-cursor.so.0.19.90.
If the Wayland major version number is incremented to 2, we'll have to
rethink this, so add some error() to break the build if/when that
happens. Assuming that Wayland 2.0 would involve breaking changes,
the best way would probably to bump all the SONAMEs to
libwayland-foo.so.2.
Resolves: https://gitlab.freedesktop.org/wayland/wayland/-/issues/175
Signed-off-by: Simon McVittie <smcv@collabora.com>
