x11-misc/alock: revbump to 94-r1

* Fix printf issue on compiling
* Remove dependency on libXxf86misc; it's deprecated
* Correct strict-aliasing error
* Correct handling of setuid() return value

Patches will be presented to upstream for review

Package-Manager: portage-2.2.26

4 files changed, 206 insertions, 0 deletions

diff --git a/x11-misc/alock/files/check-setuid.patch b/x11-misc/alock/files/check-setuid.patch
new file mode 100644
index 000000000000..d29beb072950
--- /dev/null
+++ b/x11-misc/alock/files/check-setuid.patch
@@ -0,0 +1,31 @@
+--- a/src/auth_pam.c
++++ b/src/auth_pam.c
+@@ -138,7 +138,12 @@
+ 
+     /* we can be installed setuid root to support shadow passwords,
+        and we don't need root privileges any longer.  --marekm */
+-    setuid(getuid());
++    int retval;
++    retval = setuid(getuid());
++    /* if setuid's return value isn't checked, it's a security issue */
++    if (retval != 0) {
++        return 0;
++    }
+ 
+     return 1;
+ }
+--- a/src/auth_passwd.c
++++ a/src/auth_passwd.c
+@@ -68,7 +68,11 @@
+ 
+     /* we can be installed setuid root to support shadow passwords,
+        and we don't need root privileges any longer.  --marekm */
+-    setuid(getuid());
++    int retval;
++    retval = setuid(getuid());
++    if (retval != 0) {
++        return 0;
++    }
+ 
+     if (strlen(pwd_entry->pw_passwd) < 13) {
+         perror("password entry has no pwd\n");
diff --git a/x11-misc/alock/files/fix-aliasing.patch b/x11-misc/alock/files/fix-aliasing.patch
new file mode 100644
index 000000000000..a4462c256943
--- /dev/null
+++ b/x11-misc/alock/files/fix-aliasing.patch
@@ -0,0 +1,23 @@
+--- a/src/auth_sha2.c
++++ b/src/auth_sha2.c
+@@ -511,7 +517,8 @@
+             *context->buffer = 0x80;
+         }
+         /* Set the bit count: */
+-        *(u_int64_t *)&context->buffer[SHA256_SHORT_BLOCK_LENGTH] = context->bitcount;
++        /* Use memcpy so we're not casting or aliasing */
++        memcpy(&context->buffer[SHA256_SHORT_BLOCK_LENGTH], &context->bitcount, sizeof (context->bitcount));
+ 
+         /* Final transform: */
+         sha256_transform(context, context->buffer);
+@@ -789,8 +796,8 @@
+         *context->buffer = 0x80;
+     }
+     /* Store the length of input data (in bits): */
+-    *(u_int64_t *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH] = context->bitcount[1];
+-    *(u_int64_t *)&context->buffer[SHA512_SHORT_BLOCK_LENGTH+8] = context->bitcount[0];
++    memcpy(&context->buffer+SHA512_SHORT_BLOCK_LENGTH, &context->bitcount+1, sizeof (context->bitcount+1));
++    memcpy(&context->buffer+SHA512_SHORT_BLOCK_LENGTH+8, &context->bitcount, sizeof (context->bitcount));
+ 
+     /* Final transform: */
+     sha512_transform(context, context->buffer);
diff --git a/x11-misc/alock/files/no-xf86misc.patch b/x11-misc/alock/files/no-xf86misc.patch
new file mode 100644
index 000000000000..7ce3326000f8
--- /dev/null
+++ b/x11-misc/alock/files/no-xf86misc.patch
@@ -0,0 +1,129 @@
+--- a/configure
++++ b/configure
+@@ -163,44 +163,6 @@
+     exit 1
+ }
+ 
+-check_xf86misc() {
+-
+-    cat << EOF > tmp.c
+-#include <X11/Xlib.h>
+-#include <X11/extensions/xf86misc.h>
+-int main() {
+-    XF86MiscSetGrabKeysState(NULL, True);
+-    return 0;
+-}
+-EOF
+-    msg_chkfor "extensions/xf86misc.h"
+-    if ${CC} ${CFLAGS} -c tmp.c -o /dev/null 2>&3
+-    then
+-        echo "ok."
+-        msg_chkfor "xf86misc"
+-        if ${CC} ${CFLAGS} tmp.c -o /dev/null ${LDFLAGS} -lX11 -lXxf86misc 2>&3
+-        then
+-            echo "ok."
+-            echo "#_______________________" >&4
+-            echo "WITH_XF86MISC:=1" >&4
+-            echo "LIBS += -lXxf86misc" >&4
+-            echo "" >&4
+-            return
+-        fi
+-    fi
+-    echo "no."
+-    echo " "
+-    echo "!!! WARNING !!!"
+-    echo "   if the xserver is configured to allow"
+-    echo "   'AllowDeactivateGrabs' or 'AllowClosedownGrabs'"
+-    echo "   people can bypass alock !!! consider"
+-    echo "   to install the xf86misc extension!"
+-    echo "!!! WARNING !!!"
+-    echo " "
+-}
+-
+-
+-
+ 
+ check_xlib() {
+ 
+@@ -431,7 +393,6 @@
+ check_docs
+ check_tools
+ check_xlib
+-check_xf86misc
+ check_xlogo16
+ [ "$CHECK_XPM" -eq 1 ] && check_xpm
+ [ "$CHECK_XRENDER" -eq 1 ] && check_xrender
+--- a/src/GNUmakefile
++++ b/src/GNUmakefile
+@@ -46,7 +46,7 @@
+ 
+ ######################
+ 
+-MODULES = PAM PASSWD HASH XRENDER XCURSOR XF86MISC IMLIB2 XPM
++MODULES = PAM PASSWD HASH XRENDER XCURSOR IMLIB2 XPM
+ STAND_ALONES = $(subst auth_,,$(SRC_HASH:.c=))
+ 
+ $(foreach module,$(MODULES),$(eval $(call funcAddModule,$(module))))
+--- a/src/alock.c
++++ b/src/alock.c
+@@ -24,10 +24,6 @@
+ #include <unistd.h>
+ #include <poll.h>
+ 
+-#ifdef HAVE_XF86MISC
+-#include <X11/extensions/xf86misc.h>
+-#endif
+-
+ /*----------------------------------------------*\
+ \*----------------------------------------------*/
+ 
+@@ -405,11 +401,6 @@
+     struct aXInfo xinfo;
+     struct aOpts opts;
+ 
+-#if HAVE_XF86MISC
+-    int xf86misc_major = -1;
+-    int xf86misc_minor = -1;
+-#endif
+-
+     int arg = 0;
+     const char* cursor_args = NULL;
+     const char* background_args = NULL;
+@@ -587,23 +578,6 @@
+         }
+     }
+ 
+-#if HAVE_XF86MISC
+-    {
+-        if (XF86MiscQueryVersion(xinfo.display, &xf86misc_major, &xf86misc_minor) == True) {
+-
+-            if (xf86misc_major >= 0 &&
+-                xf86misc_minor >= 5 &&
+-                XF86MiscSetGrabKeysState(xinfo.display, False) == MiscExtGrabStateLocked) {
+-
+-                printf("%s", "alock: cant disable xserver hotkeys to remove grabs.\n");
+-                exit(EXIT_FAILURE);
+-            }
+-
+-            printf("%s", "disabled AllowDeactivateGrabs and AllowClosedownGrabs\n.");
+-        }
+-    }
+-#endif
+-
+     /* TODO: think about it: do we really need NR_SCREEN cursors ? we grab the
+      * pointer on :*.0 anyway ... */
+     if (XGrabPointer(xinfo.display, xinfo.window[0], False, None,
+@@ -621,13 +595,6 @@
+     opts.cursor->deinit(&xinfo);
+     opts.background->deinit(&xinfo);
+ 
+-#if HAVE_XF86MISC
+-    if (xf86misc_major >= 0 && xf86misc_minor >= 5) {
+-        XF86MiscSetGrabKeysState(xinfo.display, True);
+-        XFlush(xinfo.display);
+-    }
+-#endif
+-
+     XCloseDisplay(xinfo.display);
+ 
+     return EXIT_SUCCESS;
diff --git a/x11-misc/alock/files/tidy-printf.patch b/x11-misc/alock/files/tidy-printf.patch
new file mode 100644
index 000000000000..06a8a37ba7df
--- /dev/null
+++ b/x11-misc/alock/files/tidy-printf.patch
@@ -0,0 +1,23 @@
+--- a/src/cursor_xcursor.c
++++ a/src/cursor_xcursor.c
+@@ -37,17 +37,17 @@
+         return 0;
+ 
+     if (!args || strlen(args) < 13) {
+-        printf("%s", "alock: error, missing arguments for [xcursor].\n");
++        printf("alock: error, missing arguments for [xcursor].\n");
+         return 0;
+     }
+ 
+     if (strstr(args, "xcursor:") != args || strstr(&args[8], "file=") != &args[8]) {
+-        printf("%s", "alock: error, wrong arguments for [xcursor].\n");
++        printf("alock: error, wrong arguments for [xcursor].\n");
+         return 0;
+     }
+ 
+     if (!(cursor = XcursorFilenameLoadCursor(xinfo->display, &args[13]))) {
+-        printf("%s", "alock: error, couldnt load [%s]\n", &args[13]);
++        printf("alock: error, couldnt load [%s]\n", &args[13]);
+         return 0;
+     }
+