[app/xauth,1/2] Merge only entries with equal dpy and protoname.

Submitted by Michal Srb on May 31, 2018, 1:12 p.m.

Details

Message ID 20180531131236.6408-2-msrb@suse.com
State New
Headers show
Series "Fix xauth interaction with wildcard entries." ( rev: 1 ) in X.org

Not browsing as part of any series.

Commit Message

Michal Srb May 31, 2018, 1:12 p.m.
Merging two lists, or adding entry a into list acts unexpectedly if the list
contains FamilyWild or entry with an empty display numbers. For example:

  > xauth list
  #ffff#6f70656e737573652d74756d626c6577656564#:  MIT-MAGIC-COOKIE-1  1500d80327733252cc42ba469138a259

  > xauth add test/unix:2 MIT-MAGIC-COOKIE-1 aabbccddeeff00112233445566778899
  > xauth list
  test/unix:2  MIT-MAGIC-COOKIE-1  aabbccddeeff00112233445566778899

This is because merge_entries compares entries using `match_auth`, which
follows the same rules as XauGetBestAuthByAddr. Following these rules is good
when filtering the output of `xauth list`, but for merging we should compare
for equality. It used to be done that way before commit 1555fff4. That commit
changed it to improve the `xauth list` behavior, but did not seem consider the
impact on merge.
---
 process.c | 25 ++++++++++---------------
 1 file changed, 10 insertions(+), 15 deletions(-)

Patch hide | download patch | download mbox

diff --git a/process.c b/process.c
index 12a1765..d3ea435 100644
--- a/process.c
+++ b/process.c
@@ -1057,16 +1057,22 @@  extract_entry(const char *inputfilename, int lineno, Xauth *auth, char *data)
 
 
 static int
-eq_auth(Xauth *a, Xauth *b)
+eq_auth_dpy_and_name(Xauth *a, Xauth *b)
 {
     return((a->family == b->family &&
 	    a->address_length == b->address_length &&
 	    a->number_length == b->number_length &&
 	    a->name_length == b->name_length &&
-	    a->data_length == b->data_length &&
 	    memcmp(a->address, b->address, a->address_length) == 0 &&
 	    memcmp(a->number, b->number, a->number_length) == 0 &&
-	    memcmp(a->name, b->name, a->name_length) == 0 &&
+	    memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0);
+}
+
+static int
+eq_auth(Xauth *a, Xauth *b)
+{
+    return((eq_auth_dpy_and_name(a, b) &&
+	    a->data_length == b->data_length &&
 	    memcmp(a->data, b->data, a->data_length) == 0) ? 1 : 0);
 }
 
@@ -1100,17 +1106,6 @@  match_auth_dpy(register Xauth *a, register Xauth *b)
     return 1;
 }
 
-/* return non-zero iff display and authorization type are the same */
-
-static int
-match_auth(register Xauth *a, register Xauth *b)
-{
-    return ((match_auth_dpy(a, b)
-	     && a->name_length == b->name_length
-	     && memcmp(a->name, b->name, a->name_length) == 0) ? 1 : 0);
-}
-
-
 static int
 merge_entries(AuthList **firstp, AuthList *second, int *nnewp, int *nreplp)
 {
@@ -1144,7 +1139,7 @@  merge_entries(AuthList **firstp, AuthList *second, int *nnewp, int *nreplp)
 
 	a = first;
 	for (;;) {
-	    if (match_auth (a->auth, b->auth)) {  /* found a duplicate */
+	    if (eq_auth_dpy_and_name (a->auth, b->auth)) {  /* found a duplicate */
 		AuthList tmp;		/* swap it in for old one */
 		tmp = *a;
 		*a = *b;