Avoid use-after-free in dix/dixfonts.c: doImageText() [CVE-2013-4396] from xorg/Xserver http://lists.x.org/archives/xorg-announce/2013-October/002332.html

Save a pointer to the passed in closure structure before copying it
and overwriting the *c pointer to point to our copy instead of the
original.  If we hit an error, once we free(c), reset c to point to
the original structure before jumping to the cleanup code that
references *c.

Since one of the errors being checked for is whether the server was
able to malloc(c->nChars * itemSize), the client can potentially pass
a number of characters chosen to cause the malloc to fail and the
error path to be taken, resulting in the read from freed memory.

Since the memory is accessed almost immediately afterwards, and the
X server is mostly single threaded, the odds of the free memory having
invalid contents are low with most malloc implementations when not using
memory debugging features, but some allocators will definitely overwrite
the memory there, leading to a likely crash.

v2: Apply to NXdixfonts.c rather than dixfonts.c (Mike DePaulo)

Attributes GH PR #31: https://github.com/ArcticaProject/nx-libs/pull/31

XRender CVE fixes for nxagent (X.Org CVE-2014-8100)

  * Update nxcomp/LICENSE.
  * Add nxcomp/README.on-retroactive-DXPC-license, giving a
    short overview of the flow of discussions
  * Add "modified or unmodified" to the license information
    printed out to stdout in nxcomp/Misc.cpp
  * Fix copyright year (2006->2003) for Gian Filippo Pinzari
    (and move him to the GPL-2 section).
  * Add the complete .mbox file of Debian bug #748565.

Attributes GH PR #21: https://github.com/ArcticaProject/nx-libs/pull/21

v2: backport to nx-libs 3.6.x (Mike DePaulo)
v3: port to NXrender.c rather than render.c (Mike DePaulo)
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

Conflicts:
	render/render.c

Otherwise we may be reading outside of the client request.

v2: backport to nx-libs 3.6.x (Mike DePaulo)
v3: port to NXrender.c rather than render.c (Mike DePaulo)
Signed-off-by: Julien Cristau <jcristau@debian.org>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

Conflicts:
	render/render.c

Attributes GH PR #34: https://github.com/ArcticaProject/nx-libs/pull/34

This patch is some code fixes to allow developer debuging by using TEST macros in the NX code

This patch allows to cleanup the nxcomp resources to allow for a seco…

Particularly the following macros have been tested -DTEST -DDEBUG -DDUMP -DFLUSH -DTOKEN -DSPLIT -DPING -DMIXED -DMATCH -DTIME

This patch allows to cleanup the nxcomp resources to allow for a second connection inside the same process, instead of a new process as is the nxproxy case.

This involves creating a new API call

void NXTransCleanupForReconnect(void);

which basically cleans up the global state for the connection but does not exit the process.

Background
==========
This is needed for the IOS platform, where the nxproxy model of forking does not work.
Also NX handles most of the errors with an "exit" call which in IOS cannot be easily handled.

Attributes GH PR #18: https://github.com/ArcticaProject/nx-libs/pull/18

dix: Allow zero-height PutImage requests (fix for X.Org's CVE-2015-3418).

library clean-up: Don't build libNX_Xdamage anymore. Use system's libXdamage shared library. (Fixes ArcticaProject/nx-libs#6, X2GoBTS#826).

 The length checking code validates PutImage height and byte width by
 making sure that byte-width >= INT32_MAX / height. If height is zero,
 this generates a divide by zero exception. Allow zero height requests
 explicitly, bypassing the INT32_MAX check.

 Fix for regression introduced by fix for CVE-2014-8092.

 v2: backports to nx-libs 3.6.x (Mike Gabriel)
Signed-off-by: Keith Packard <keithp@keithp.com>

debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only delete known files. Fixes RPM build failures.

debian/libnx-xinerama1.*: also create libXinerama symlink in libnx-xinerama1.postinst (and remove in libxinerama1.prerm).

Due to the nx-x11-common package being a noarch/allarch package,
creating the symlink in nx-libs' Makefile will lead to the symlink
referencing the "default" architecture dpkg uses for building
noarch/allarch packages.

Incidentally, this worked fine for Debian, as amd64 seems to be the
default architecture. On Ubuntu, however, the default architecture up to
Vivid (15.04) was i386. For those builds, the symlink pointed to the 32
bit library of libNX_Xinerama.so.1 -- essentially breaking this feature.

Move the symlink creation to the arch-sensitive libnx-xinerama1 package.
The postinst and prerm scriptlets will work fine, unless someone
installs the i386 package version *after* the amd64 version. Given that
we already create symlinks to libNX_X11 and friends using that method,
no new regression is introduced. Strictly speaking that's a bug, but
we'll hopefully clean that up later...

Attributes GH PR #17: https://github.com/ArcticaProject/nx-libs/pull/17