ChangeLog

+commit 733f64bfeb311c1d040b2f751bfdef9c9d0f89ef
+Author: Matthieu Herrb <matthieu@herrb.eu>
+Date:   Tue Aug 21 16:54:50 2018 +0200
+
+    libX11 1.6.6
+    
+    Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+
+commit 173704243fbcbea0b6de2068b4fb403c7408fb54
+Author: Matthieu Herrb <matthieu@herrb.eu>
+Date:   Tue Aug 21 16:53:40 2018 +0200
+
+    Remove statement with no effect.
+    
+    Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+
+commit e83722768fd5c467ef61fa159e8c6278770b45c2
+Author: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date:   Fri Jul 27 16:38:00 2018 +0200
+
+    Fixed crash on invalid reply (CVE-2018-14598).
+    
+    If the server sends a reply in which even the first string would
+    overflow the transmitted bytes, list[0] (or flist[0]) will be set to
+    NULL and a count of 0 is returned.
+    
+    If the resulting list is freed with XFreeExtensionList or
+    XFreeFontPath later on, the first Xfree call:
+    
+        Xfree (list[0]-1)
+     turns into
+        Xfree (NULL-1)
+    
+    which will most likely trigger a segmentation fault.
+    
+    I have modified the code to return NULL if the first string would
+    overflow, thus protecting the freeing functions later on.
+    
+    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+
+commit dbf72805fd9d7b1846fe9a11b46f3994bfc27fea
+Author: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date:   Fri Jul 27 16:37:17 2018 +0200
+
+    Fixed out of boundary write (CVE-2018-14600).
+    
+    The length value is interpreted as signed char on many systems
+    (depending on default signedness of char), which can lead to an out of
+    boundary write up to 128 bytes in front of the allocated storage, but
+    limited to NUL byte(s).
+    
+    Casting the length value to unsigned char fixes the problem and allows
+    string values with up to 255 characters.
+    
+    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+
+commit b469da1430cdcee06e31c6251b83aede072a1ff0
+Author: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date:   Fri Jul 27 16:36:34 2018 +0200
+
+    Fixed off-by-one writes (CVE-2018-14599).
+    
+    The functions XGetFontPath, XListExtensions, and XListFonts are
+    vulnerable to an off-by-one override on malicious server responses.
+    
+    The server replies consist of chunks consisting of a length byte
+    followed by actual string, which is not NUL-terminated.
+    
+    While parsing the response, the length byte is overridden with '\0',
+    thus the memory area can be used as storage of C strings later on. To
+    be able to NUL-terminate the last string, the buffer is reserved with
+    an additional byte of space.
+    
+    For a boundary check, the variable chend (end of ch) was introduced,
+    pointing at the end of the buffer which ch initially points to.
+    Unfortunately there is a difference in handling "the end of ch".
+    
+    While chend points at the first byte that must not be written to,
+    the for-loop uses chend as the last byte that can be written to.
+    
+    Therefore, an off-by-one can occur.
+    
+    I have refactored the code so chend actually points to the last byte
+    that can be written to without an out of boundary access. As it is not
+    possible to achieve "ch + length < chend" and "ch + length + 1 > chend"
+    with the corrected chend meaning, I removed the inner if-check.
+    
+    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+
+commit d81da209fd4d0c2c9ad0596a8078e58864479d0d
+Author: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date:   Tue Jul 3 22:31:37 2018 +0200
+
+    Validation of server response in XListHosts.
+    
+    If a server sends an incorrect length in its response, a client is prone
+    to perform an out of boundary read while processing the data.
+    
+    The length field of xHostEntry is used to specify the amount of bytes
+    used to represent the address. It is 16 bit, which means that it is not
+    possible to perform an arbitrary memory access, but it might be enough
+    to read sensitive information, e.g. malloc-related pointers and offsets.
+    
+    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+    Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
+
+commit b676e62377483df77bcb6472d26b24f901323fa9
+Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
+Date:   Wed Jun 13 15:46:58 2018 +0200
+
+    XkbOpenDisplay.3: fix typo
+    
+    XkbOpenDisplay returns a pointer to Display, not a Display.
+    
+    Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+
+commit 9c5845ff0dc080ff10bd68af4fc40fcd805728ca
+Author: Martin Natano <natano@natano.net>
+Date:   Sat Oct 8 19:57:50 2016 +0200
+
+    Don't rebuild ks_tables.h if nothing changed.
+    
+    ks_tables.h is always considered out of date due to the forced rebuild
+    of the makekeys util. This means the file is also rebuilt during 'make
+    install', which is usually performed as root, which can to lead
+    permission problems later on.
+    
+    Signed-off-by: Martin Natano <natano@natano.net>
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+
+commit 796f754cba6d75b676a0fc39b97802198fceda4f
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Sat May 5 14:43:30 2018 -0700
+
+    Change fall through comment in lcDB.c to match gcc's requirements
+    
+    Needs to match one of the regexps shown under
+    https://gcc.gnu.org/onlinedocs/gcc-7.3.0/gcc/Warning-Options.html#index-Wimplicit-fallthrough
+    
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+
+commit 82ca6308757126fa7ffc6588f1e5d8e3be04251b
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Sat Mar 24 19:45:14 2018 -0700
+
+    Use size_t for buffer sizes in SetHints.c
+    
+    These variables store values returned from strlen() as a size_t
+    and are passed to Xmalloc, which expects a size_t, so lets stop
+    converting back and forth to int along the way.
+    
+    Reported by: Konstantin SKliarov
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+    Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
+
+commit 50a5a98984097d614227d22a49265e12b172cac7
+Author: Bhavi Dhingra <b.dhingra@samsung.com>
+Date:   Tue Jul 5 11:37:50 2016 +0530
+
+    Fix possible memory leak in cmsProp.c:140
+    
+    https://bugs.freedesktop.org/show_bug.cgi?id=96814
+    
+    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+
+commit a9dafdd57c71473fa3a2ec4887e973e4e9876d83
+Author: Michal Srb <msrb@suse.com>
+Date:   Thu Mar 15 09:50:58 2018 +0100
+
+    Use flexible array member instead of fake size.
+    
+    The _XimCacheStruct structure is followed in memory by two strings containing
+    fname and encoding. The memory was accessed using the last member of the
+    structure `char fname[1]`. That is a lie, prohibits us from using sizeof and
+    confuses checkers. Lets declare it properly as a flexible array, so compilers
+    don't complain about writing past that array. As bonus we can replace the
+    XOffsetOf with regular sizeof.
+    
+    Fixes GCC8 error:
+      In function 'strcpy',
+          inlined from '_XimWriteCachedDefaultTree' at imLcIm.c:479:5,
+          inlined from '_XimCreateDefaultTree' at imLcIm.c:616:2,
+          inlined from '_XimLocalOpenIM' at imLcIm.c:700:5:
+      /usr/include/bits/string_fortified.h:90:10: error: '__builtin_strcpy'
+      forming offset 2 is out of the bounds [0, 1] [-Werror=array-bounds]
+         return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
+    
+    Caused by this line seemingly writing past the fname[1] array:
+      imLcIm.c:479:  strcpy (m->fname+strlen(name)+1, encoding);
+    
+    Reviewed-by: Keith Packard <keithp@keithp.com>
+    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
+
+commit 34f4464f69a4d6ff0d1042500a62f9a5ed7f3647
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Tue Mar 6 11:42:27 2018 -0800
+
+    If XGetImage fails to create image, don't dereference it to bounds check
+    
+    Reported by gcc 7.3:
+    
+    GetImage.c:110:25: warning: potential null pointer dereference [-Wnull-dereference]
+      if (planes < 1 || image->height < 1 || image->bytes_per_line < 1 ||
+                        ~~~~~^~~~~~~~
+    
+    Introduced by 8ea762f94f4c942d898fdeb590a1630c83235c17 in Xlib 1.6.4
+    
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+    Reviewed-by: Emil Velikov <emil.velikov@collabora.com>
+
+commit e835a9dcc3362b5e92893be756dd7ae361e64ced
+Author: wharms <wharms@bfs.de>
+Date:   Sun Sep 3 14:17:45 2017 +0200
+
+    silence gcc warning assignment discards 'const' qualifier from pointer target type
+
+commit 36a1ac0253fea82ff79cc52ba56c5691cfd07a3b
+Author: wharms <wharms@bfs.de>
+Date:   Sun Aug 20 21:51:57 2017 +0200
+
+    remove empty line
+
+commit e02dfe54f32b4165351d2712a9d2e0584906a3ce
+Author: wharms <wharms@bfs.de>
+Date:   Sun Aug 20 21:50:33 2017 +0200
+
+    add _X_UNUSED to avoid unused variable warnings
+
+commit 2911c39cecd63ed3747072a5eeeb9eedffc881e9
+Author: walter harms <wharms@bfs.de>
+Date:   Sat Jun 4 17:19:59 2016 +0200
+
+    Fixes: warning: variable 'req' set but not,used
+    
+    Fixes: warning: variable 'req' set but not used [-Wunused-but-set-variable]
+           by marking req _X_UNUSED
+            Solution was discussed on xorg-devel ML
+           Peter Hutter, Alan Coopersmith
+            Re: [PATCH libX11 3/5] fix: warning: pointer targets in passing argument 2 of '_XSend' differ in signedness [-Wpointer-sign]
+    
+    Signed-off-by: harms wharms@bfs.de
+
+commit bf82ec0402479fd8399d69e7d62fc17d7956699a
+Author: walter harms <wharms@bfs.de>
+Date:   Sat Jun 4 17:22:07 2016 +0200
+
+    mark _XDefaultIOError as no_return
+    
+    mark _XDefaultIOError as no_return. No one comes back from exit() ...
+    
+    Signed-off-by: harms wharms@bfs.de
+
+commit 9abe8380074edea3ac4e72466ec47e921ca05e47
+Author: walter harms <wharms@bfs.de>
+Date:   Sat Jun 4 17:21:52 2016 +0200
+
+    no need to check XFree arguments
+    
+    You can save a bit of code. The is no need to check XFree arguments bring  free_fontdataOM in line with other free function and check for NULL arg
+    
+    Signed-off-by: harms wharms@bfs.de
+
+commit 433477fcb7e07d0c26a22ba78aae88827ed1f440
+Author: walter harms <wharms@bfs.de>
+Date:   Tue Apr 26 16:32:20 2016 +0200
+
+    fix memleak in error path
+    
+    free all mem on error
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit ed9f0d34abc645eee56e21863f23acb4d0bb8e9a
+Author: walter harms <wharms@bfs.de>
+Date:   Tue Apr 26 17:58:16 2016 +0200
+
+    fix memleak in error path
+    
+    V2: remove unneeded NULL (reported by eric.engestrom@imgtec.com)
+    
+    fix mem leak in error path
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit 7c78fc57693afa94cf26170f0f6276e3b7374ed0
+Author: walter harms <wharms@bfs.de>
+Date:   Tue Apr 26 16:34:11 2016 +0200
+
+    no need to check args for Xfree()
+    
+    simplify code
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit c1c14af441ae73d1a8e67a971fafcf967e45ac48
+Author: walter harms <wharms@bfs.de>
+Date:   Tue Apr 26 16:23:46 2016 +0200
+
+    remove stray extern
+    
+    remove stray extern
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit 714921f041a245dc5f37a689268b584226a2ccb9
+Author: walter harms <wharms@bfs.de>
+Date:   Mon Apr 11 18:26:52 2016 +0200
+
+    no need to check argument for _XkbFree()
+    
+    simplify code by removing unneeded checks
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit d02c2466f65063a03c97dbcee05071c12a3676e6
+Author: walter harms <wharms@bfs.de>
+Date:   Mon Apr 11 18:22:38 2016 +0200
+
+    fix more shadow warning
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit 0355c3926d5372f9762f235071dbd94a89bbbdad
+Author: walter harms <wharms@bfs.de>
+Date:   Thu Mar 31 19:16:33 2016 +0200
+
+    fix shadow char_size
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit 916dffadf052135df3398651be873c353da629e1
+Author: walter harms <wharms@bfs.de>
+Date:   Thu Mar 31 19:14:32 2016 +0200
+
+    remove argument check for free() adjust one inden
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit 6ec901ebca3fea6a762e22090dc35b1b90911133
+Author: walter harms <wharms@bfs.de>
+Date:   Thu Mar 31 19:12:17 2016 +0200
+
+    _XIOError(dpy); will never return so remore dead
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit 83107a677b2ed458e4d62ea4a601e8181d3683d8
+Author: walter harms <wharms@bfs.de>
+Date:   Thu Mar 31 19:10:49 2016 +0200
+
+    fix shadow warning
+    
+    Signed-off-by: walter harms <wharms@bfs.de>
+
+commit 4fe66b1c5112b07bd09e28bbc021911d08a9621f
+Author: Ryan C. Gordon <icculus@icculus.org>
+Date:   Wed Aug 2 02:41:03 2017 -0400
+
+    Valgrind fix for XStoreColor and XStoreColors.
+    
+    If the "pad" field isn't set, Valgrind will report it as uninitialized
+    memory accesses when the struct is copied into the Display's send buffer.
+    
+    In practice, this is (probably) harmless, but Valgrind is correct in
+    believing it's a bug.
+    
+    https://bugs.freedesktop.org/attachment.cgi?id=133189
+    
+    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+
+commit 7d2010fec25c2f52b873ad0572479eb43128b038
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Fri Apr 7 00:13:03 2017 -0700
+
+    Improve table formatting in XkbChangeControls & XkbKeyNumGroups man pages
+    
+    Includes fix for Solaris Bug 24564279: "XkbKeyNumGroups.3x11 man page
+    contains some malformed text" caused by extra whitespace after .TE macros
+    
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+
+commit b856d5d929047d1ea169814d56e43784ea404c83
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Thu Mar 16 00:05:49 2017 -0700
+
+    Clarify state parameter to XkbSetNamedDeviceIndicator
+    
+    Checking a Bool to see if it's NULL does not work well in C.
+    Also reported in https://bugs.freedesktop.org/show_bug.cgi?id=251
+    
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+    Reviewed-by: Adam Jackson <ajax@redhat.com>
+
+commit c6dadd4cebd994aafb37a58b3adbaa82507c2d18
+Author: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date:   Wed Mar 15 23:50:26 2017 -0700
+
+    Make Xkb{Get,Set}NamedIndicator spec & manpages match code
+    
+    The XKB Library spec and the man pages for XkbGetNamedIndicator &
+    XkbSetNamedIndicator included a device_spec argument neither function
+    takes, and do not include the XkbGetNamedDeviceIndicator &
+    XkbSetNamedDeviceIndicator variants that do take it (along with two
+    other arguments).
+    
+    This updates them to match the interfaces the code has provided for
+    decades.
+    
+    This has been reported multiple times, so this fixes:
+    https://bugs.freedesktop.org/show_bug.cgi?id=251
+    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729812
+    Sun Bug 4528016 XkbSetNamedIndicator & XkbGetNamedIndicator man pages are wrong
+      (filed: alan.coopersmith@sun.com 2001-11-15 - now aka Oracle bug 15087506)
+    X.Org Group Defect Id #9418
+    
+    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+    Reviewed-by: Adam Jackson <ajax@redhat.com>
+
+commit 2d20890e7ffd3ee88a9ceb25cdd2ac1fe7aaceb6
+Author: Arthur Huillet <ahuillet@nvidia.com>
+Date:   Wed Feb 1 15:02:41 2017 +0100
+
+    _XDefaultError: set XlibDisplayIOError flag before calling exit
+    
+    _XReply isn't reentrant, and it can lead to deadlocks when the default error
+    handler is called: _XDefaultError calls exit(1). It is called indirectly by
+    _XReply when a X protocol error comes in that isn't filtered/handled by an
+    extension or the application. This means that if the application (or one of its
+    loaded shared libraries such as the NVIDIA OpenGL driver) has registered any
+    _fini destructor, _fini will get called while still on the call stack of
+    _XReply. If the destructor interacts with the X server and calls _XReply, it
+    will hit a deadlock, looping on the following in _XReply:
+    
+        ConditionWait(dpy, dpy->xcb->reply_notify);
+    
+    It is legal for an application to make Xlib calls during _fini, and that is
+    useful for an OpenGL driver to avoid resource leaks on the X server side, for
+    example in the dlopen/dlclose case. However, the driver can not readily tell
+    whether its _fini is being called because Xlib called exit, or for another
+    reason (dlclose), so it is hard to cleanly work around this issue in the driver.
+    
+    This change makes it so _XReply effectively becomes a no-op when called after
+    _XDefaultError was called, as though an XIOError had happened. The dpy
+    connection isn't broken at that point, but any call to _XReply is going to hang.
+    This is a bit of a kludge, because the more correct solution would be to make
+    _XReply reentrant, maybe by broadcasting the reply_notify condition before
+    calling the default error handler. However, such a change would carry a grater
+    risk of introducing regressions in Xlib.
+    
+    This change will drop some valid requests on the floor, but this should not
+    matter, as it will only do so in the case where the application is dying: X will
+    clean up after it once exit() is done running. There is the case of
+    XSetCloseDownMode(RETAIN_PERMANENT), but an application using that and wishing
+    to clean up resources in _fini would currently be hitting a deadlock, which is
+    hardly a better situation.
+    
+    Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
+    Reviewed-by: Jamey Sharp <jamey@minilop.net>
+
 commit 42f4d7af9cf6d1dbfa575552e057328b054a20c9
 Author: Matt Turner <mattst88@gmail.com>
 Date:   Sat Feb 25 21:54:22 2017 -0800

configure.ac

 
 # Initialize Autoconf
 AC_PREREQ([2.60])
-AC_INIT([libX11], [1.6.5],
-        [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libX11])
+AC_INIT([libX11], [1.6.6],
+        [https://gitlab.freedesktop.org/xorg/lib/libx11/issues], [libX11])
 AC_CONFIG_SRCDIR([Makefile.am])
 AC_CONFIG_HEADERS([src/config.h include/X11/XlibConf.h])
 AC_CONFIG_MACRO_DIR([m4])

debian/README.source

+------------------------------------------------------
+Quick Guide To Patching This Package For The Impatient
+------------------------------------------------------
+
+1. Make sure you have quilt installed
+2. Unpack the package as usual with "dpkg-source -x"
+3. Run the "patch" target in debian/rules
+4. Create a new patch with "quilt new" (see quilt(1))
+5. Edit all the files you want to include in the patch with "quilt edit" 
+   (see quilt(1)).
+6. Write the patch with "quilt refresh" (see quilt(1))
+7. Run the "clean" target in debian/rules
+
+Alternatively, instead of using quilt directly, you can drop the patch in to 
+debian/patches and add the name of the patch to debian/patches/series.
+
+While building from git, dpkg-source can complain about symlinks vs.
+normal files mismatches. To work around this issue, before uploading,
+and without committing:
+
+  find -type l | while read dest; do src=$(readlink -f $dest); rm $dest; cp $src $dest; done
+
+------------------------------------
+Guide To The X Strike Force Packages
+------------------------------------
+
+The X Strike Force team maintains X packages in git repositories on
+git.debian.org in the pkg-xorg subdirectory. Most upstream packages
+are actually maintained in git repositories as well, so they often
+just need to be pulled into git.debian.org in a "upstream-*" branch.
+Otherwise, the upstream sources are manually installed in the Debian
+git repository.
+
+The .orig.tar.gz upstream source file could be generated using this
+"upstream-*" branch in the Debian git repository but it is actually
+copied from upstream tarballs directly.
+
+Due to X.org being highly modular, packaging all X.org applications
+as their own independent packages would have created too many Debian
+packages. For this reason, some X.org applications have been grouped
+into larger packages: xutils, xutils-dev, x11-apps, x11-session-utils,
+x11-utils, x11-xfs-utils, x11-xkb-utils, x11-xserver-utils.
+Most packages, including the X.org server itself and all libraries
+and drivers are, however maintained independently.
+
+The Debian packaging is added by creating the "debian-*" git branch
+which contains the aforementioned "upstream-*" branch plus the debian/
+repository files.
+When a patch has to be applied to the Debian package, two solutions
+are involved:
+* If the patch is available in one of the upstream branches, it
+  may be git'cherry-picked into the Debian repository. In this
+  case, it appears directly in the .diff.gz.
+* Otherwise, the patch is added to debian/patches/ which is managed
+  with quilt as documented in /usr/share/doc/quilt/README.source.

debian/changelog

+libx11 (2:1.6.6-1) unstable; urgency=medium
+
+  * New upstream release.
+    - Fixes CVE-2018-14598, CVE-2018-14599 and CVE-2018-14600.
+  * Move libx11-doc from Recommends to Suggests (Closes: #648443).
+  * Add debian/README.source
+  * Set source format to 1.0.
+  * Bump standards version to 4.2.0.
+
+ -- Andreas Boll <aboll@debian.org>  Wed, 22 Aug 2018 21:22:31 +0200
+
 libx11 (2:1.6.5-1) unstable; urgency=medium
 
   * Add Matt Turner's key to d/u/signing-key.asc

debian/control

@@ -19,7 +19,7 @@ Build-Depends:
  xmlto,
  xorg-sgml-doctools (>= 1:1.10),
  w3m,
-Standards-Version: 3.9.8
+Standards-Version: 4.2.0
 Vcs-Git: https://salsa.debian.org/xorg-team/lib/libx11
 Vcs-Browser: https://salsa.debian.org/xorg-team/lib/libx11
 
@@ -83,7 +83,7 @@ Depends:
  x11proto-kb-dev,
  xtrans-dev,
  libxcb1-dev,
-Recommends: libx11-doc
+Suggests: libx11-doc
 Description: X11 client-side library (development headers)
  This package provides a client interface to the X Window System, otherwise
  known as 'Xlib'.  It provides a complete API for the basic functions of the

debian/source/format

+1.0

man/xkb/Makefile.am

@@ -111,6 +111,7 @@ libman_PRE = \
 	XkbGetKeyboardByName.man                \
 	XkbGetMap.man                           \
 	XkbGetNameChanges.man                   \
+	XkbGetNamedDeviceIndicator.man          \
 	XkbGetNamedGeometry.man                 \
 	XkbGetNamedIndicator.man                \
 	XkbGetNames.man                         \
@@ -191,6 +192,7 @@ libman_PRE = \
 	XkbSetIndicatorMap.man                  \
 	XkbSetMap.man                           \
 	XkbSetModActionVMods.man                \
+	XkbSetNamedDeviceIndicator.man          \
 	XkbSetNamedIndicator.man                \
 	XkbSetNames.man                         \
 	XkbSetPtrActionX.man                    \

man/xkb/XkbChangeControls.man

@@ -99,37 +99,41 @@ Table 1 Xkb Controls
 _
 Control	Control			
 	Selection	Relevant		
-	Mask	XkbControlsRec	Boolean Control
-	(which parameter)	DataFields	enabled_ctrls bit	Section
+	Mask (which	XkbControlsRec	Boolean Control	
+	parameter)	DataFields	enabled_ctrls bit	Section
 _
 T{
 AccessXFeedback
 T}	T{
-XkbAccessXFeedbackMask
-T}	ax_options:	T{
-XkbAccessXFeedbackMask
-T}	10.6.3
+XkbAccessX\%FeedbackMask
+T}	T{
+ax_options:
   XkbAX_*FBMask
+T}	T{
+XkbAccessX\%FeedbackMask
+T}	10.6.3
 T{
 AccessXKeys
 T}			T{
-XkbAccessXKeysMask
+XkbAccessX\%Keys\%Mask
 T}	10.6.1
 T{
-AccessXTimeout
+AccessX\%Timeout
 T}	T{
-XkbAccessXTimeoutMask
-T}	ax_timeout	T{
-XkbAccessXTimeoutMask
-T}	10.6.2
+XkbAccessX\%Timeout\%Mask
+T}	T{
+ax_timeout
 axt_opts_mask
 axt_opts_values
 axt_ctrls_mask
 axt_ctrls_values
+T}	T{
+XkbAccessX\%Timeout\%Mask
+T}	10.6.2
 T{
 AudibleBell
 T}			T{
-XkbAudibleBellMask
+XkbAudible\%Bell\%Mask
 T}	9.2
 T{
 AutoReset
@@ -137,9 +141,9 @@ T}				10.1.2
 T{
 BounceKeys
 T}	T{
-XkbBounceKeysMask
+XkbBounce\%KeysMask
 T}	debounce_delay	T{
-XkbBounceKeysMask
+XkbBounce\%KeysMask
 T}	10.6.7
 T{
 Detectable-
@@ -150,35 +154,35 @@ T}
 T{
 EnabledControls
 T}	T{
-XkbControlsEnabledMask
+XkbControls\%EnabledMask
 T}	enabled_ctrls	T{
-Non-Boolean Control
+Non-Boolean \%Control
 T}	10.1.1
 T{
 GroupsWrap
 T}	T{
-XkbGroupsWrapMask
+XkbGroups\%Wrap\%Mask
 T}	groups_wrap	T{
-Non-Boolean Control
+Non-Boolean \%Control
 T}	10.7.1
 T{
 IgnoreGroupLock
 T}			T{
-XkbIgnoreGroupLockMask
+XkbIgnore\%GroupLock\%Mask
 T}	10.7.3
 T{
 IgnoreLockMods
 T}	T{
-XkbIgnoreLockModsMask
+XkbIgnore\%LockMods\%Mask
 T}	ignore_lock	T{
-Non-Boolean Control
+Non-Boolean \%Control
 T}	5.1
 T{
 InternalMods
 T}	T{
-XkbInternalModsMask
+XkbInternal\%Mods\%Mask
 T}	internal	T{
-Non-Boolean Control
+Non-Boolean \%Control
 T}	5.1
 T{
 MouseKeys
@@ -190,14 +194,16 @@ T}	10.5.1
 T{
 MouseKeysAccel
 T}	T{
-XkbMouseKeysAccelMask
-T}	mk_delay	T{
-XkbMouseKeysAccelMask
-T}	10.5.2
+XkbMouseKeys\%Accel\%Mask
+T}	T{
+mk_delay
 mk_interval
 mk_time_to_max
 mk_max_speed
 mk_curve
+T}	T{
+XkbMouseKeys\%Accel\%Mask
+T}	10.5.2
 T{
 Overlay1
 T}			T{
@@ -211,34 +217,36 @@ T}	10.4
 T{
 PerKeyRepeat
 T}	T{
-XkbPerKeyRepeatMask
+XkbPerKey\%Repeat\%Mask
 T}	per_key_repeat	T{
-Non-Boolean Control
+Non-Boolean \%Control
 T}	10.3.1
 T{
 RepeatKeys
 T}	T{
-XkbRepeatKeysMask
+Xkb\%Repeat\%Keys\%Mask
 T}	repeat_delay	T{
-XkbRepeatKeysMask
+Xkb\%Repeat\%Keys\%Mask
 T}	10.3
 			repeat_interval
 T{
 SlowKeys
 T}	T{
-XkbSlowKeysMask
+Xkb\%Slow\%Keys\%Mask
 T}	slow_keys_delay	T{
-XkbSlowKeysMask
+Xkb\%Slow\%Keys\%Mask
 T}	10.6.6
 T{
 StickyKeys
 T}	T{
-XkbStickyKeysMask
-T}	ax_options:	T{
-XkbStickyKeysMask
-T}	10.6.8
+Xkb\%Sticky\%Keys\%Mask
+T}	T{
+ax_options:
   XkbAX_TwoKeysMask
   XkbAX_LatchToLockMask
+T}	T{
+Xkb\%Sticky\%Keys\%Mask
+T}	10.6.8
 .TE
 
 Table 2 shows the actual values for the individual mask bits used to select 
@@ -260,8 +268,9 @@ l l l l
 l l l l. 
 Table 2 Controls Mask Bits
 _
-Mask Bit	which or	enabled	Value
-	changed_ctrls	_ctrls
+Mask Bit	which or		Value
+	changed	enabled
+	_ctrls	_ctrls
 _
 XkbRepeatKeysMask	ok	ok	(1L<<0)
 XkbSlowKeysMask	ok	ok	(1L<<1)

man/xkb/XkbGetNamedDeviceIndicator.man

+.so man__libmansuffix__/XkbGetNamedIndicator.__libmansuffix__

man/xkb/XkbGetNamedIndicator.man

-.\" Copyright 1999 Oracle and/or its affiliates. All rights reserved.
+.\" Copyright 1999, 2017, Oracle and/or its affiliates. All rights reserved.
 .\"
 .\" Permission is hereby granted, free of charge, to any person obtaining a
 .\" copy of this software and associated documentation files (the "Software"),
@@ -25,9 +25,19 @@ XkbGetNamedIndicator \- Look up the indicator map and other information for an
 indicator by name
 .SH SYNOPSIS
 .HP
-.B Bool XkbGetNamedIndicator
+.B Bool XkbGetNamedDeviceIndicator
 .BI "(\^Display *" "dpy" "\^,"
 .BI "unsigned int " "dev_spec" "\^,"
+.BI "unsigned int " "led_class" "\^,"
+.BI "unsigned int " "led_id" "\^,"
+.BI "Atom " "name" "\^,"
+.BI "int *" "ndx_rtrn" "\^,"
+.BI "Bool *" "state_rtrn" "\^,"
+.BI "XkbIndicatorMapPtr " "map_rtrn" "\^,"
+.BI "Bool *" "real_rtrn" "\^);"
+.HP
+.B Bool XkbGetNamedIndicator
+.BI "(\^Display *" "dpy" "\^,"
 .BI "Atom " "name" "\^,"
 .BI "int *" "ndx_rtrn" "\^,"
 .BI "Bool *" "state_rtrn" "\^,"
@@ -43,6 +53,12 @@ connection to the X server
 .I \- dev_spec
 keyboard device ID, or XkbUseCoreKbd
 .TP
+.I \- led_class
+feedback class, or XkbDfltXIClass
+.TP
+.I \- led_id
+feedback ID, or XkbDfltXIId
+.TP
 .I \- name
 name of the indicator to be retrieved
 .TP
@@ -65,16 +81,16 @@ to get the indicator names. Using names eliminates the need for hard-coding
 bitmask values for particular keyboards. For example, instead of using 
 vendor-specific constants such as WSKBLed_ScrollLock mask on Digital 
 workstations or XLED_SCROLL_LOCK on Sun workstations, you can instead use
-.I XkbGetNamedIndicator 
+.I XkbGetNamedDeviceIndicator
 to look up information on the indicator named "Scroll Lock." 
 
 If the device specified by 
 .I device_spec 
 has an indicator named 
-.I name, XkbGetNamedIndicator 
+.IR name ", " XkbGetNamedDeviceIndicator
 returns True and populates the rest of the parameters with information about the 
 indicator. Otherwise, 
-.I XkbGetNamedIndicator 
+.I XkbGetNamedDeviceIndicator
 returns False.
 
 The 
@@ -95,22 +111,42 @@ Each of the "
 " arguments is optional; you can pass NULL for any unneeded "
 .I _rtrn
 " arguments.
+
+.LP
+.I XkbGetNamedIndicator
+is a convenience function that calls
+.I XkbGetNamedDeviceIndicator
+with a
+.I device_spec
+of
+.BR XkbUseCoreKbd ,
+a
+.I led_class
+of
+.BR XkbDfltXIClass ,
+and a
+.I led_id
+of
+.BR XkbDfltXIId .
+It returns the return value from
+.IR XkbGetNamedDeviceIndicator .
+
 .SH "RETURN VALUES"
 .TP 15
 True
 The 
-.I XkbGetNamedIndicator 
-function returns True if the device specified by 
+.IR XkbGetNamedIndicator " and " XkbGetNamedDeviceIndicator
+functions return True if the device specified by
 .I device_spec 
 has an indicator named 
-.I name.
+.IR name .
 .TP 15
 False
 The 
-.I XkbGetNamedIndicator 
-function returns False if the device specified by 
+.IR XkbGetNamedIndicator " and " XkbGetNamedDeviceIndicator
+functions return False if the device specified by
 .I device_spec 
 does not have an indicator named 
-.I name.
+.IR name .
 .SH "SEE ALSO"
 .BR XkbGetNames (__libmansuffix__)

man/xkb/XkbKeyNumGroups.man

@@ -97,7 +97,7 @@ XkbRedirectIntoRange	XkbRedirectIntoRange
 XkbClampIntoRange	XkbClampIntoRange
 none of the above	XkbWrapIntoRange
 .TE
-
+.LP
 .\"--- Chapter 10
 The Xkb extension is composed of two parts: a server extension, and a 
 client-side X library extension. 
@@ -142,7 +142,7 @@ function to manipulate one
 control individually, you do not use an XkbControlsRec structure directly.
 
 The Xkb controls are grouped as shown in Table 2.
-
+.ad l
 .TS
 c s s 
 l l l
@@ -152,43 +152,51 @@ _
 Type of Control	Control Name	Boolean Control?
 _
 T{
-Controls for enabling and disabling other controls
+Controls for enabling and \%disabling other controls
 T}	EnabledControls	No
-	AutoReset	No
+\^	AutoReset	No
+_
 T{
 Control for bell behavior
 T}	AudibleBell	Boolean
+_
 T{
 Controls for repeat key behavior
 T}	PerKeyRepeat	No
-	RepeatKeys	Boolean
-	DetectableAutorepeat	Boolean
+\^	RepeatKeys	Boolean
+\^	DetectableAutorepeat	Boolean
+_
 T{
-Controls for keyboard overlays
+Controls for \%keyboard overlays
 T}	Overlay1	Boolean
-	Overlay2	Boolean
+\^	Overlay2	Boolean
+_
 T{
 Controls for using the mouse from the keyboard
 T}	MouseKeys	Boolean
-	MouseKeysAccel	Boolean
+\^	MouseKeysAccel	Boolean
+_
 T{
 Controls for better keyboard access by
-T}	AccessXFeedback	Boolean
-T{
 physically impaired persons
-T}	AccessXKeys	Boolean
-	AccessXTimeout	Boolean
-	BounceKeys	Boolean
-	SlowKeys	Boolean
-	StickyKeys	Boolean
+T}	AccessXFeedback	Boolean
+\^	AccessXKeys	Boolean
+\^	AccessXTimeout	Boolean
+\^	BounceKeys	Boolean
+\^	SlowKeys	Boolean
+\^	StickyKeys	Boolean
+_
 T{
 Controls for general keyboard mapping
 T}	GroupsWrap	No
-	IgnoreGroupLock	Boolean
-	IgnoreLockMods	No
-	InternalMods	No
+\^	IgnoreGroupLock	Boolean
+\^	IgnoreLockMods	No
+\^	InternalMods	No
+_
 .TE
+.ad n
 
+.LP
 The individual categories and controls are described first, together with 
 functions for manipulating 
 them.
@@ -212,9 +220,9 @@ handling */
     } XkbSymMapRec, *XkbSymMapPtr;
 
 .fi
-
-.nf
+.LP
 The XkbControlsRec structure is defined as follows:
+.nf
 
     #define XkbMaxLegalKeyCode     255
     #define XkbPerKeyBitArraySize  ((XkbMaxLegalKeyCode+1)/8)

man/xkb/XkbOpenDisplay.man

@@ -25,7 +25,7 @@ XkbOpenDisplay \-  Checks for a compatible version of the Xkb extension in both
 the library and the server, and initializes the extension for use.
 .SH SYNOPSIS
 .HP
-.B Display XkbOpenDisplay
+.B Display *XkbOpenDisplay
 .BI "(\^char *" "display_name" "\^,"
 .BI "int *" "event_rtrn" "\^,"
 .BI "int *" "error_rtrn" "\^,"

man/xkb/XkbSetNamedDeviceIndicator.man

+.so man__libmansuffix__/XkbSetNamedIndicator.__libmansuffix__

man/xkb/XkbSetNamedIndicator.man

-.\" Copyright 1999 Oracle and/or its affiliates. All rights reserved.
+.\" Copyright 1999, 2017, Oracle and/or its affiliates. All rights reserved.
 .\"
 .\" Permission is hereby granted, free of charge, to any person obtaining a
 .\" copy of this software and associated documentation files (the "Software"),
@@ -26,9 +26,19 @@ the state of the indicator; sets the indicator to a specified state and sets the
 indicator map for the indicator
 .SH SYNOPSIS
 .HP
-.B Bool XkbSetNamedIndicator
+.HP
+.B Bool XkbSetNamedDeviceIndicator
 .BI "(\^Display *" "dpy" "\^,"
 .BI "unsigned int " "device_spec" "\^,"
+.BI "unsigned int " "led_class" "\^,"
+.BI "unsigned int " "led_id" "\^,"
+.BI "Atom " "name" "\^,"
+.BI "Bool " "change_state" "\^,"
+.BI "Bool " "state" "\^,"
+.BI "Bool " "create_new" "\^,"
+.BI "XkbIndicatorMapPtr " "map" "\^);"
+.B Bool XkbSetNamedIndicator
+.BI "(\^Display *" "dpy" "\^,"
 .BI "Atom " "name" "\^,"
 .BI "Bool " "change_state" "\^,"
 .BI "Bool " "state" "\^,"
@@ -44,6 +54,12 @@ connection to the X server
 .I \- device_spec
 device ID, or XkbUseCoreKbd
 .TP
+.I \- led_class
+feedback class, or XkbDfltXIClass
+.TP
+.I \- led_id
+feedback ID, or XkbDfltXIId
+.TP
 .I \- name
 name of the indicator to change
 .TP
@@ -61,7 +77,7 @@ new map for the indicator
 .SH DESCRIPTION
 .LP
 If a compatible version of the Xkb extension is not available in the server, 
-.I XkbSetNamedIndicator 
+.I XkbSetNamedDeviceIndicator
 returns False. Otherwise, it sends a request to the X server to change the 
 indicator specified by 
 .I name 
@@ -69,13 +85,16 @@ and returns True.
  
 If 
 .I change_state 
-is True, and the optional parameter, 
-.I state, 
-is not NULL, 
-.I XkbSetNamedIndicator 
+is True, 
+.I XkbSetNamedDeviceIndicator
 tells the server to change the state of the named indicator to the value 
 specified by 
-.I state. 
+.IR state .
+If
+.I change_state
+is False, then
+.I state
+is not used.
 
 If an indicator with the name specified by 
 .I name 
@@ -85,26 +104,45 @@ parameter tells the server whether it should create a new named indicator. If
 .I create_new 
 is True, the server finds the first indicator that doesn't have a name and gives 
 it the name specified by 
-.I name. 
+.IR name .
 If the optional parameter, 
-.I map, is not NULL, 
-.I XkbSetNamedIndicator 
+.IR map ,
+is not NULL,
+.I XkbSetNamedDeviceIndicator
 tells the server to change the indicator's map to the values specified in 
-.I map.
+.IR map .
 
 In addition, it can also generate XkbIndicatorStateNotify, 
 XkbIndicatorMapNotify, and XkbNamesNotify events.
+.LP
+.I XkbSetNamedIndicator
+is a convenience function that calls
+.I XkbSetNamedDeviceIndicator
+with a
+.I device_spec
+of
+.BR XkbUseCoreKbd ,
+a
+.I led_class
+of
+.BR XkbDfltXIClass ,
+and a
+.I led_id
+of
+.BR XkbDfltXIId .
+It returns the return value from
+.IR XkbSetNamedDeviceIndicator .
 .SH "RETURN VALUES"
 .TP 15
 True
 The 
-.I XkbSetNamedIndicator 
-function returns True if a compatible version of the Xkb extension is available in the server.
+.IR XkbSetNamedIndicator " and " XkbSetNamedDeviceIndicator
+functions return True if a compatible version of the Xkb extension is available in the server.
 .TP 15
 False
 The 
-.I XkbSetNamedIndicator 
-function returns False if a compatible version of the Xkb extension is not available in the server.
+.IR XkbSetNamedIndicator " and " XkbSetNamedDeviceIndicator
+functions return False if a compatible version of the Xkb extension is not available in the server.
 .SH DIAGNOSTICS
 .TP 15
 .B BadAtom
@@ -112,6 +150,24 @@ A name is neither a valid Atom or None
 .TP 15
 .B BadImplementation
 Invalid reply from server
+.TP 15
+.B BadKeyboard
+.I device_spec
+does not specify a device with indicators.
+.TP 15
+.B BadMatch
+.I led_id
+is not
+.B DfltXIId
+and does not specify a feedback of the class specified by
+.I led_class
+on the device specified by
+.IR device_spec .
+.TP 15
+.B BadValue
+.I led_class
+does not specify
+.BR DfltXIClass ", " LedFeedbackClass ", or " KbdFeedbackClass .
 .SH "SEE ALSO"
 .BR XkbIndicatorMapNotify (__libmansuffix__),
 .BR XkbIndicatorStateNotify (__libmansuffix__),

modules/im/ximcp/imCallbk.c

@@ -624,16 +624,16 @@ _XimPreeditCaretCallback(Xim im,
      */
     {
 	CARD8 buf[sz_ximPacketHeader + sz_ximPreeditCaretReply];
-	INT16 len = sz_XIMID + sz_XICID + sz_ximPreeditCaretReply;
+	INT16 rlen = sz_XIMID + sz_XICID + sz_ximPreeditCaretReply;
 	int p;
 
-	_XimSetHeader((XPointer)buf, XIM_PREEDIT_CARET_REPLY, 0, &len);
+	_XimSetHeader((XPointer)buf, XIM_PREEDIT_CARET_REPLY, 0, &rlen);
 	p = XIM_HEADER_SIZE;
 	*(CARD16*)&buf[p] = (CARD16)im->private.proto.imid; p += sz_CARD16;
 	*(CARD16*)&buf[p] = (CARD16)ic->private.proto.icid; p += sz_CARD16;
 	*(CARD32*)&buf[p] = (CARD32)cbs.position;
 
-	if (!(_XimWriteData(im, len, buf))) {
+	if (!(_XimWriteData(im, rlen, buf))) {
 	    return XimCbError;
 	}
 	_XimFlushData(im);

modules/im/ximcp/imDefIc.c

@@ -231,9 +231,8 @@ _XimReCreateIC(ic)
 
     _XimRegisterFilter(ic);
     MARK_IC_CONNECTED(ic);
-    if (save_ic->private.proto.ic_resources)
+
     Xfree(save_ic->private.proto.ic_resources);
-    if (save_ic->private.proto.ic_inner_resources)
     Xfree(save_ic->private.proto.ic_inner_resources);
     Xfree(save_ic);
     return True;
@@ -845,22 +844,22 @@ _XimProtoICFree(
     Xim		 im = (Xim)ic->core.im;
 #endif
 
-    if (ic->private.proto.preedit_font) {
+
     Xfree(ic->private.proto.preedit_font);
     ic->private.proto.preedit_font = NULL;
-    }
-    if (ic->private.proto.status_font) {
+
+
     Xfree(ic->private.proto.status_font);
     ic->private.proto.status_font = NULL;
-    }
+
     if (ic->private.proto.commit_info) {
 	_XimFreeCommitInfo(ic);
 	ic->private.proto.commit_info = NULL;
     }
-    if (ic->private.proto.ic_inner_resources) {
+
     Xfree(ic->private.proto.ic_inner_resources);
     ic->private.proto.ic_inner_resources = NULL;
-    }
+
 
 #ifdef XIM_CONNECTABLE
     if (IS_SERVER_CONNECTED(im) && IS_RECONNECTABLE(im)) {
@@ -868,18 +867,18 @@ _XimProtoICFree(
     }
 #endif /* XIM_CONNECTABLE */
 
-    if (ic->private.proto.saved_icvalues) {
+
     Xfree(ic->private.proto.saved_icvalues);
     ic->private.proto.saved_icvalues = NULL;
-    }
-    if (ic->private.proto.ic_resources) {
+
+
     Xfree(ic->private.proto.ic_resources);
     ic->private.proto.ic_resources = NULL;
-    }
-    if (ic->core.hotkey) {
+
+
     Xfree(ic->core.hotkey);
     ic->core.hotkey = NULL;
-    }
+
 
     return;
 }

modules/im/ximcp/imInsClbk.c

@@ -108,7 +108,7 @@ _XimFilterPropertyNotify(
     }
 
     lock = True;
-    for( ii = 0; ii < nitems; ii++, atoms ) {
+    for( ii = 0; ii < nitems; ii++ ) {
 	if(XGetSelectionOwner (display, atoms[ii])) {
 	    for( icb = callback_list; icb; icb = icb->next ) {
 		if( !icb->call  &&  !icb->destroy ) {

modules/im/ximcp/imLcIm.c

@@ -82,8 +82,8 @@ struct _XimCacheStruct {
     DTCharIndex     mbused;
     DTCharIndex     wcused;
     DTCharIndex     utf8used;
-    char            fname[1];
-    /* char encoding[1] */
+    char            fname[];
+    /* char encoding[] */
 };
 
 static struct  _XimCacheStruct* _XimCache_mmap = NULL;
@@ -281,7 +281,7 @@ _XimReadCachedDefaultTree(
     assert (m->id == XIM_CACHE_MAGIC);
     assert (m->version == XIM_CACHE_VERSION);
     if (size != m->size ||
-	size < XOffsetOf (struct _XimCacheStruct, fname) + namelen + encodinglen) {
+	size < sizeof (struct _XimCacheStruct) + namelen + encodinglen) {
 	fprintf (stderr, "Ignoring broken XimCache %s [%s]\n", name, encoding);
         munmap (m, size);
         return False;
@@ -442,7 +442,7 @@ _XimWriteCachedDefaultTree(
     int   fd;
     FILE *fp;
     struct _XimCacheStruct *m;
-    int   msize = (XOffsetOf(struct _XimCacheStruct, fname)
+    int   msize = (sizeof(struct _XimCacheStruct)
 		   + strlen(name) + strlen(encoding) + 2
 		   + XIM_CACHE_TREE_ALIGNMENT-1) & -XIM_CACHE_TREE_ALIGNMENT;
     DefTreeBase *b = &im->private.local.base;

modules/im/ximcp/imLcLkup.c

@@ -61,8 +61,8 @@ _XimLocalMbLookupString(XIC xic, XKeyEvent *ev, char *buffer, int bytes,
 	    ||(ic->private.local.brl_committed != 0))) {
 	if (ic->private.local.brl_committed != 0) { /* Braille Event */
 	    unsigned char pattern = ic->private.local.brl_committed;
-	    char mb[XLC_PUBLIC(ic->core.im->core.lcd, mb_cur_max)];
-	    ret = _Xlcwctomb(ic->core.im->core.lcd, mb, BRL_UC_ROW | pattern);
+	    char mb2[XLC_PUBLIC(ic->core.im->core.lcd, mb_cur_max)];
+	    ret = _Xlcwctomb(ic->core.im->core.lcd, mb2, BRL_UC_ROW | pattern);
 	    if(ret > bytes) {
 		if(status) *status = XBufferOverflow;
 		return(ret);
@@ -74,7 +74,7 @@ _XimLocalMbLookupString(XIC xic, XKeyEvent *ev, char *buffer, int bytes,
 		} else {
 		    if(status) *status = XLookupChars;
 		}
-		memcpy(buffer, mb, ret);
+		memcpy(buffer, mb2, ret);
 	    } else {
 		if(keysym) {
 		    if(status) *status = XLookupKeySym;

modules/om/generic/omGeneric.c

@@ -1617,17 +1617,16 @@ free_fontdataOM(
     FontData	font_data,
     int		font_data_count)
 {
+    if (!font_data)
+	return;
+
     for( ; font_data_count-- ; font_data++) {
-	if(font_data->name){
 	    Xfree(font_data->name);
 	    font_data->name = NULL;
-	}
-	if(font_data->scopes){
 	    Xfree(font_data->scopes);
 	    font_data->scopes = NULL;
     }
 }
-}
 
 static Status
 close_om(
@@ -1639,51 +1638,41 @@ close_om(
 
     if ((data = gen->data)) {
 	for (count = gen->data_num; count-- > 0; data++) {
-	    if (data->charset_list){
 		Xfree(data->charset_list);
 		data->charset_list = NULL;
-	    }
+	
 	    /* free font_data for om */
-	    if (data->font_data) {
 		free_fontdataOM(data->font_data,data->font_data_count);
 		Xfree(data->font_data);
 		data->font_data = NULL;
-	    }
+
 	    /* free substitute for om */
-	    if (data->substitute) {
 		free_fontdataOM(data->substitute,data->substitute_num);
 		Xfree(data->substitute);
 		data->substitute = NULL;
-	    }
+
 	    /* free vmap for om */
-	    if (data->vmap) {
 		free_fontdataOM(data->vmap,data->vmap_num);
 		Xfree(data->vmap);
 		data->vmap = NULL;
-	    }
+
 	    /* free vrotate for om */
-	    if (data->vrotate) {
 		Xfree(data->vrotate);
 		data->vrotate = NULL;
 	}
-	}
 	Xfree(gen->data);
 	gen->data = NULL;
     }
 
-    if (gen->object_name){
 	Xfree(gen->object_name);
 	gen->object_name = NULL;
-    }
 
-    if (om->core.res_name){
 	Xfree(om->core.res_name);
 	om->core.res_name = NULL;
-    }
-    if (om->core.res_class){
+
 	Xfree(om->core.res_class);
 	om->core.res_class = NULL;
-    }
+
     if (om->core.required_charset.charset_list &&
 	om->core.required_charset.charset_count > 0){
 	XFreeStringList(om->core.required_charset.charset_list);
@@ -1692,10 +1681,9 @@ close_om(
 	Xfree((char*)om->core.required_charset.charset_list);
 	om->core.required_charset.charset_list = NULL;
     }
-    if (om->core.orientation_list.orientation){
+
 	Xfree(om->core.orientation_list.orientation);
 	om->core.orientation_list.orientation = NULL;
-    }
 
     Xfree(om);