-diff -Nur gdm-2.0beta4/daemon/xdmcp.c gdm-2.0beta4.new/daemon/xdmcp.c
---- gdm-2.0beta4/daemon/xdmcp.c Thu Sep 30 00:56:35 1999
-+++ gdm-2.0beta4.new/daemon/xdmcp.c Thu Dec 21 21:51:44 2000
-@@ -149,7 +149,7 @@
- int gdm_xdmcp_init (void);
- void gdm_xdmcp_run (void);
- void gdm_xdmcp_close (void);
--static void gdm_xdmcp_decode_packet (void);
-+static gboolean gdm_xdmcp_decode_packet (void);
- static void gdm_xdmcp_handle_query (struct sockaddr_in *clnt_sa, gint len, gint type);
- static void gdm_xdmcp_send_forward_query (GdmIndirectDisplay *id, ARRAYofARRAY8Ptr authlist);
- static void gdm_xdmcp_handle_forward_query (struct sockaddr_in *clnt_sa, gint len);
-@@ -267,7 +267,7 @@
- }
+--- gdm-2.24.0.orig/daemon/gdm-server.c 2008-10-03 00:53:12.000000000 +0200
++++ gdm-2.24.0/daemon/gdm-server.c 2008-10-03 00:53:57.000000000 +0200
+@@ -419,7 +419,7 @@
+ g_debug ("GdmServer: Opening logfile for server %s", log_path);
+ VE_IGNORE_EINTR (g_unlink (log_path));
+- VE_IGNORE_EINTR (logfd = open (log_path, O_CREAT|O_APPEND|O_TRUNC|O_WRONLY|O_EXCL, 0644));
++ VE_IGNORE_EINTR (logfd = open (log_path, O_CREAT|O_APPEND|O_TRUNC|O_WRONLY|O_EXCL, 0640));
--static void
-+static gboolean
- gdm_xdmcp_decode_packet (void)
- {
- struct sockaddr_in clnt_sa;
-@@ -282,17 +282,17 @@
-
- if (!XdmcpFill (xdmcpfd, &buf, &clnt_sa, &sa_len)) {
- gdm_error (_("gdm_xdmcp_decode: Could not create XDMCP buffer!"));
-- return;
-+ return TRUE;
- }
-
- if (!XdmcpReadHeader (&buf, &header)) {
- gdm_error (_("gdm_xdmcp_decode: Could not read XDMCP header!"));
-- return;
-+ return TRUE;
- }
-
- if (header.version != XDM_PROTOCOL_VERSION) {
- gdm_error (_("gdm_xdmcp_decode: Incorrect XDMCP version!"));
-- return;
-+ return TRUE;
- }
-
- gdm_debug ("gdm_xdmcp_decode: Received opcode %s from client %s",
-@@ -335,6 +335,8 @@
- inet_ntoa (clnt_sa.sin_addr));
- break;
- }
-+
-+ return TRUE;
- }
-
-
-@@ -437,12 +439,15 @@
-
- /* Read display port */
- if (! XdmcpReadARRAY8 (&buf, &clnt_port)) {
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_addr);
- gdm_error (_("gdm_xdmcp_handle_forward_query: Could not read display port number"));
- return;
- }
-
- /* Extract array of authentication names from Xdmcp packet */
- if (! XdmcpReadARRAYofARRAY8 (&buf, &clnt_authlist)) {
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_addr);
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_port);
- gdm_error (_("gdm_xdmcp_handle_forward_query: Could not extract authlist from packet"));
- return;
- }
-@@ -459,7 +464,7 @@
-
- if (len != explen) {
- gdm_error (_("gdm_xdmcp_handle_forward_query: Error in checksum"));
-- return;
-+ goto out;
- }
-
- /* Find client port number */
-@@ -467,7 +472,7 @@
- port = port*256+clnt_port.data[i];
-
- /* Find client address. Ugly, ugly. Endianness sucks... */
-- memmove (&ia.s_addr, clnt_addr.data, clnt_addr.length);
-+ memmove (&ia.s_addr, clnt_addr.data, MIN(clnt_addr.length, sizeof(ia.s_addr)));
-
- gdm_debug ("gdm_xdmcp_handle_forward_query: Got FORWARD_QUERY from display: %s, port %d",
- inet_ntoa (ia), port);
-@@ -478,14 +483,18 @@
- disp_sa->sin_port = htons (port);
- disp_sa->sin_addr.s_addr = ia.s_addr;
-
-- /* Cleanup */
-- XdmcpDisposeARRAYofARRAY8 (&clnt_authlist);
--
- /* Check with tcp_wrappers if display is allowed to access */
- if (gdm_xdmcp_host_allow (disp_sa))
- gdm_xdmcp_send_willing (disp_sa);
- else
- gdm_xdmcp_send_unwilling (disp_sa, FORWARD_QUERY);
-+
-+ out:
-+ g_free(disp_sa);
-+ /* Cleanup */
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_authlist);
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_port);
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_addr);
- }
-
-
-@@ -512,7 +521,6 @@
- XdmcpFlush (xdmcpfd, &buf, clnt_sa, sizeof (struct sockaddr_in));
- }
-
--
- static void
- gdm_xdmcp_send_unwilling (struct sockaddr_in *clnt_sa, gint type)
- {
-@@ -540,13 +548,13 @@
- static void
- gdm_xdmcp_handle_request (struct sockaddr_in *clnt_sa, gint len)
- {
-- static CARD16 clnt_dspnum;
-- static ARRAY16 clnt_conntyp;
-- static ARRAYofARRAY8 clnt_addr;
-- static ARRAY8 clnt_authname;
-- static ARRAY8 clnt_authdata;
-- static ARRAYofARRAY8 clnt_authorization;
-- static ARRAY8 clnt_manufacturer;
-+ CARD16 clnt_dspnum;
-+ ARRAY16 clnt_conntyp;
-+ ARRAYofARRAY8 clnt_addr;
-+ ARRAY8 clnt_authname;
-+ ARRAY8 clnt_authdata;
-+ ARRAYofARRAY8 clnt_authorization;
-+ ARRAY8 clnt_manufacturer;
- gint explen;
- gint i;
- gboolean mitauth = FALSE;
-@@ -637,6 +645,13 @@
- gdm_xdmcp_send_accept (clnt_sa, clnt_dspnum);
- else
- gdm_xdmcp_send_decline (clnt_sa);
-+
-+ XdmcpDisposeARRAY8 (&clnt_authname);
-+ XdmcpDisposeARRAY8 (&clnt_authdata);
-+ XdmcpDisposeARRAY8 (&clnt_manufacturer);
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_addr);
-+ XdmcpDisposeARRAYofARRAY8 (&clnt_authorization);
-+ XdmcpDisposeARRAY16 (&clnt_conntyp);
- }
-
-
-@@ -797,6 +812,8 @@
- gdm_debug ("gdm_xdmcp_handle_manage: Failed to look up session id %d", clnt_sessid);
- gdm_xdmcp_send_refuse (clnt_sa, clnt_sessid);
- }
-+
-+ XdmcpDisposeARRAY8(&clnt_dspclass);
- }
-
+ g_free (log_path);