commit 3c2d5aedd7708c75710b39268631762de904c304
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Sep 5 11:15:04 2024 +1000

    libXi 1.8.2
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit a5af26c654b4da5fd5eaaeaa2173c734ab9e63ec
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue Aug 27 11:01:06 2024 +1000

    XGetFeedbackControl: skip over unknown feedback controls
    
    If the server sends an unknown feedback control class we would allocate
    the amount of *protocol* bytes for the client representation but then
    later mess up the actual composition of the classes due to
    Feedback->length never being initialized.
    
    So while in theory it looks like this:
       |-------------- allocated size -----------------|
       [led feedback] [ ?unknown? ] [kbd feedback][....]
    with unknown being the size of the class on the protocol,
    in practice it looks like this:
       |-------------- allocated size -----------------|
       [led feedback] [ ?unknown?                ] [kbd feedback][...]
    with unknown being the size of whatever was in the Feeback->length
    pointed to at the time. The content of unknown is never initialized.
    
    Fix this by making unknown classes disappear so the above becomes:
       |------- allocated size ---------|
       [led feedback][kbd feedback][....]
    
    Closes #16
    
    Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxi/-/merge_requests/18>

commit dabce4dbe5eab35076e31fd0a628cbe11b858fa1
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Mon Aug 26 11:49:49 2024 -0700

    wireTo*Event: check for malloc() failure
    
    Fixes 6 -Wanalyzer-possible-null-dereference and
    1 -Wanalyzer-null-dereference and warnings from gcc 14.1
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxi/-/merge_requests/17>

commit 56b11459f833df8f324587847534a548b070da94
Author: kyomawolf <kyomawolf@kyomawolf.eu>
Date:   Thu Oct 5 21:52:36 2023 +0200

    fixed wrong type in man page
    
    Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxi/-/merge_requests/14>

commit 57ce2e8ba4c1f1bc5792e14bc7082f3ebd0915be
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Mon Jan 29 11:27:11 2024 +1000

    Allow XIFreeDeviceInfo on a null pointer

commit a340bc0424a73d9fc4badbb7aee5284877635ca9
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Oct 13 11:17:43 2023 -0700

    gitlab CI: Update to latest CI templates
    
    Current template fails to rebuild the CI container with the current
    Debian stable release (a new release since the last update)
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 09f3eb570fe79bfc0c430b6059d7b4acaf371c24
Author: Matthieu Herrb <matthieu@herrb.eu>
Date:   Sat Aug 5 10:32:03 2023 +0000

    Fix double alignment on 32bits machines with strict constraints

commit 3a7503ec7703f10de17c622ea22b7bff736cea74
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu May 4 14:42:12 2023 +1000

    libXi 1.8.1
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 0f1541e1e5bd57686edf95c3532544556ed370bb
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Fri Apr 28 11:12:47 2023 +1000

    Initialize a few stack vars to zero
    
    Modified version of the patch from #4
    
    Fixes #4
    
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 826215af0cc46b19555063b8894de6781d4c5993
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 4 10:44:45 2023 -0800

    configure: Use LT_INIT from libtool 2 instead of deprecated AC_PROG_LIBTOOL
    
    AC_PROG_LIBTOOL was replaced by LT_INIT in libtool 2 in 2008,
    so it's time to rely on it.
    
    Clears autoconf warnings:
    
    configure.ac:13: warning: The macro `AC_PROG_LIBTOOL' is obsolete.
    configure.ac:13: You should run autoupdate.
    aclocal.m4:3465: AC_PROG_LIBTOOL is expanded from...
    configure.ac:13: the top level
    
    libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([m4])' to configure.ac,
    libtoolize: and rerunning libtoolize and aclocal.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 08431d0684f9a1edf199f6c6060d2bef1ac78399
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Thu Aug 25 15:39:36 2022 -0700

    XInput_find_display: Don't dereference NULL dpyinfo
    
    Unlikely, but could happen if calloc fails in XextAddDisplay()
    
    Relies on XextHasExtension(i) macro from <X11/extensions/extutil.h>
    which checks for ((i) && ((i)->codes))
    
    Fixes: #15
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit bca3474a8622fde5815260461784282f78a4efb5
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Jul 23 15:29:23 2022 -0700

    gitlab CI: enable gitlab's builtin static analysis
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 87202ce9851c5fb61038829abd5b1feb42334a35
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Jul 23 15:28:42 2022 -0700

    gitlab CI: enable commit & merge request checks
    
    Uses ci-fairy from freedesktop/ci-templates
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 0fb16bad9c851c11d171ff601bf8adae9ffc6fdb
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jul 17 13:39:34 2022 -0700

    Fix spelling/wording issues
    
    Found by using:
        codespell --builtin clear,rare,informal,code,names
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit ed12a34ed79d3751fc35194d93b7ad370a1a8b8a
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jul 17 13:34:52 2022 -0700

    Build xz tarballs instead of bzip2
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit f24d7f43ab4d97203e60677a3d42e11dbc80c8b4
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Wed Sep 15 19:28:03 2021 +0300

    libXi 1.8
    
    Signed-off-by: Povilas Kanapickas <povilas@radix.lt>

commit dd9a260b29c50be90e92048b0e067456ff18675e
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Wed Sep 15 19:27:50 2021 +0300

    Bump the requirement of inputproto to 2.3.99.1

commit a761ae5119b1460068d6f62219c4e2705ef20814
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Sat Sep 4 00:03:50 2021 +0300

    man: Document XIAllowEvents

commit 42ee1f0b0660c5d6aaefbb55ef76ea97ad57d4f6
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Tue Jun 1 14:43:39 2021 +0300

    libXi 1.7.99.2

commit a7343d53509e66d92e91238e9f4ecc2bf154e045
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Sun May 30 20:47:38 2021 +0300

    gitlab-ci: Setup gitlab build

commit dd3df0b61499fa231a5a82e14d17bf37ce917d1d
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Sun May 30 19:56:18 2021 +0300

    Fix compile error that slipped through
    
    Lesson for the future: make sure the private environment (e.g
    convenience scripts) don't add changes where they are not expected. In
    my case I'm building and installing Debian packages straigth away. And
    one of the extra commits for Debian support had a change that had to go
    to the libXi repository.
    
    The development snapshot 1.7.99.1 has thus not been released (only a
    commit with the version bump was pushed).
    
    Signed-off-by: Povilas Kanapickas <povilas@radix.lt>

commit f036a6399a0bb1808dc82f7a91a1ae5a7e57691e
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Sun May 30 19:38:07 2021 +0300

    libXi 1.7.99.1

commit 4b2f0f0c0674915645881d9b73e9b8d4cf1a315f
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Sat Oct 10 02:53:42 2020 +0300

    Update the list of supported XI versions

commit ed1788b8c3a78f6dc523487e46e202a5f667407c
Author: Povilas Kanapickas <povilas@radix.lt>
Date:   Sat Oct 10 02:53:41 2020 +0300

    Add support for XI 2.4 gesture events

commit 8b4ea802fa3ba769dc8335f0e72c6f0cb7c9c35e
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Oct 4 13:48:06 2020 -0700

    man pages: fix more typos
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 6affddac55f03bff63b1e37e475d8e0d0bb84e85
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Oct 4 13:21:24 2020 -0700

    man pages: Add more missing spaces.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit cff134328cb31df5e366729aca6c4131a1e3304f
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Oct 4 13:15:13 2020 -0700

    man/XGrabDeviceButton.txt: Fix bad .P -> paragraph break conversion
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 0944a10d6e22b02f229b4bbaab60aac170ef1bba
Author: Samanta Navarro <ferivoz@riseup.net>
Date:   Sun Oct 4 18:55:06 2020 +0000

    Fix typos in manual pages

commit e05da79a98775edb91ffe3de3b413f156bc4d6e7
Author: Matt Turner <mattst88@gmail.com>
Date:   Wed Jun 19 12:42:33 2019 -0400

    libXi 1.7.10
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

commit dd5cedb7cd631cf4aeaadfd9cb993f0086857dbd
Author: Matt Turner <mattst88@gmail.com>
Date:   Wed Jun 19 12:40:46 2019 -0400

    Replace open-coded FP3232_TO_DOUBLE
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

commit a42ee93c10bf9a63c22e0642d6e51877fba8dae5
Author: Alexander Bersenev <bay@hackerdom.ru>
Date:   Mon Jun 17 22:56:43 2019 +0500

    Fix the FIXME in XIValuatorClass case of copy_classes function in XExtInt.c
    
    In addition fix FP3232_TO_DOUBLE macro to correctly compute the fractional
    part.
    
    This fixes glitchy scrolling in Qt applications when the application was
    just activated or was scrolled in the backgroud. Qt uses XIQueryDevice
    call to synchronize internal scroll location with an actual one.
    
    Bug: https://gitlab.freedesktop.org/xorg/lib/libxi/issues/10

commit 3e38d823a162c21492ac243924325730d4ea61bf
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Dec 7 19:43:13 2018 -0800

    Update configure.ac bug URL for gitlab migration
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit e020870b1e322e3458c1c18a456661f1951cab70
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Mon Nov 19 22:23:32 2018 -0800

    Update README for gitlab migration
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit e7654506717f7ff08eae7ab4c0db3fc1c2d5b7ed
Author: Raphaël Droz <raphael.droz+floss@gmail.com>
Date:   Sat Oct 27 22:17:31 2018 +0000

    Update XIChangeHierarchy.txt

commit 60ef7bab67aca3dd7c83e8726feb3c46869a74c2
Author: Jeff Smith <whydoubt@gmail.com>
Date:   Thu Feb 1 01:59:56 2018 -0600

    _XIPassiveGrabDevice needs to set time value
    
    When setting up a XIPassiveGrabDevice request, the time field is not
    being set, leading to improper data being passed 'over the wire'.
    
    Accept a time value into _XIPassiveGrabDevice and use it to set the time
    field in the request.  Since the the functions calling
    _XIPassiveGrabDevice are part of the API, and they do not accept time
    values, they can just pass CurrentTime.
    
    Signed-off-by: Jeff Smith <whydoubt@gmail.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit a1c639255b7a9270fea52de3f186eb2fca9de01a
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Wed Jun 14 11:15:01 2017 +1000

    man: add a bunch of missing spaces
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 8ffaac5710a9a983227454d8473604daae3f172a
Author: Mihail Konev <k.mvc@ya.ru>
Date:   Thu Jan 26 13:52:49 2017 +1000

    autogen: add default patch prefix
    
    Signed-off-by: Mihail Konev <k.mvc@ya.ru>

commit c6c386431e1fa6b45ff966191e68bee1150c5e87
Author: Emil Velikov <emil.l.velikov@gmail.com>
Date:   Mon Mar 9 12:00:52 2015 +0000

    autogen.sh: use quoted string variables
    
    Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
    fall-outs, when they contain space.
    
    Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit c7584066d5b06cd2bb9d99df43b741cf565820ea
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue Jan 24 10:32:07 2017 +1000

    autogen.sh: use exec instead of waiting for configure to finish
    
    Syncs the invocation of configure with the one from the server.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    Reviewed-by: Emil Velikov <emil.velikov@collabora.com>

commit b87c312590877800b4e18a17a012b47839f5c06b
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Mon Jan 23 13:44:58 2017 +1000

    libXi 1.7.9
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 557b60798a9da49386f1034b133838332735de22
Author: Emilio Pozuelo Monfort <pochu@debian.org>
Date:   Tue Dec 27 17:24:10 2016 +0100

    Fix possible free of uninitialized pointer
    
    If the _XReply() call fails, we'll try to free an uninitialized
    pointer.
    
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849026
    
    Reported-by: Thomas Walker <thwalker3@gmail.com>
    Signed-off-by: Emilio Pozuelo Monfort <pochu@debian.org>
    Reviewed-by: Julien Cristau <jcristau@debian.org>
    Tested-by: Thomas Walker <thwalker3@gmail.com>
    Signed-off-by: Julien Cristau <jcristau@debian.org>

commit 4c5c8d6246debc06a56120cff71bfdf1877884d0
Author: Emilio Pozuelo Monfort <pochu@debian.org>
Date:   Tue Oct 25 21:31:19 2016 +0200

    Check that allocating a buffer succeeded
    
    Since we are going to write into the buffer, we should make sure the
    allocation didn't fail.
    
    Reported-by: Julien Cristau <jcristau@debian.org>
    Signed-off-by: Emilio Pozuelo Monfort <pochu@debian.org>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 7ac03c6c1907a39b5b42b17ad331295b8c85154d
Author: Emilio Pozuelo Monfort <pochu@debian.org>
Date:   Tue Oct 25 21:31:18 2016 +0200

    Plug a memory leak
    
    Introduced in commit 19a9cd6.
    
    Reported-by: Julien Cristau <jcristau@debian.org>
    Signed-off-by: Emilio Pozuelo Monfort <pochu@debian.org>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 1bdeb431c3cc9eec7e12fdd29a83237f2f228865
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue Oct 25 12:43:44 2016 +1000

    libXi 1.7.8
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 43904c9c5a0f5750a03a9bd8c96ccda182eb5a9a
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Oct 13 13:33:11 2016 +1000

    XListInputDevices: don't touch ndevices in case of error
    
    We used to always set *ndevices to the number of devices returned by the
    server. This magically worked because we pretty much never returned an error
    except on faulty server or library implementations. With 19a9cd60 we now have
    more chances of getting an error, so the polite thing is to just leave *ndevices
    alone when we error out.
    
    Document it as such in the man page, just in case someone accidentally reads
    it.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    CC: Niels Ole Salscheider <niels_ole@salscheider-online.de>
    Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com>

commit b843fe1c0a6b4dbaae9f364042c6a247249305ef
Author: Niels Ole Salscheider <niels_ole@salscheider-online.de>
Date:   Fri Oct 7 21:46:44 2016 +0200

    SizeClassInfo can return 0 even without an error
    
    Catch the error case separately. Commit 19a9cd607d added length checking to
    SizeClassInfo but re-used the return value of 0 for an error. A device without
    classes (as is initialized by xf86-input-libinput for tablets) can
    legitimately return 0 and erroneously triggers an error.
    Fix this by using a separate value for the error.
    
    Reproducible by calling XListInputDevices() with a tablet attached.
    
    This fixes a regression introduced in commit 19a9cd607d.
    
    Signed-off-by: Niels Ole Salscheider <niels_ole@salscheider-online.de>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    Reviewed-by: Emil Velikov <emil.l.velikov@gmail.com>

commit 8e0476653dd134cee84f4e893f656b2f93c4e3b0
Author: Matthieu Herrb <matthieu.herrb@laas.fr>
Date:   Tue Oct 4 21:14:01 2016 +0200

    libXi 1.7.7
    
    Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>

commit 19a9cd607de73947fcfb104682f203ffe4e1f4e5
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date:   Sun Sep 25 22:31:34 2016 +0200

    Properly validate server responses.
    
    By validating length fields from server responses, out of boundary
    accesses and endless loops can be mitigated.
    
    Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
    Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>

commit 2286282f965064176b3b1492646c6e2e0f4ab7dd
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue Dec 22 11:20:01 2015 +1000

    libXi 1.7.6
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 13f25bfb55f4a0bc1f614cbf9b0b13a50ecad8a0
Author: Javier Pello <javier.pello@urjc.es>
Date:   Wed Oct 7 12:41:01 2015 +0200

    Fix const compiler warnings
    
    When invoking Data, Data16 and Data32 from XChangeDeviceProperty,
    we must cast the data pointer to the right type, but we do not need
    to cast constness away. This change allows to enable -Wcast-qual on
    the build and have it complete without warnings.
    
    Signed-off-by: Javier Pello <javier.pello@urjc.es>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 380861589690bcbe8b04b7a2c23b5dd5d10c4bf8
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Mon Oct 19 11:46:41 2015 +1000

    Don't use raw serial numbers in XIEvents
    
    cookie->serial is an Xlib contoction, provided by _XSetLastRequestRead(). This
    serial may be different to the raw serial number from the wire protocol.
    This causes issues when the raw serial is used to e.g. compare the event to
    other non-XI events.
    
    Use the cookie's serial number instead.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=756649
    
    See also https://bugs.freedesktop.org/show_bug.cgi?id=64687
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit f180dff710dc54d00e0e26b84de053151f8f207e
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Sep 10 01:16:19 2015 +1000

    libXi 1.7.5
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 05c86e53c0bae30e58b32b94e191c8720990918a
Author: Cosimo Cecchi <cosimoc@gnome.org>
Date:   Tue Feb 24 07:49:34 2015 +1000

    Fix version check in _XIAllowEvents
    
    Commit 5810d0797160a97012664ffe719a59e1b288a525 changed _XIAllowEvents() to
    use _XiCheckVersion() instead of _XiCheckExtInit() to avoid a double display
    unlock, but it failed to correctly check for the version, since we should set
    have_XI22 to True for every version greater or equal to 2.2.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit c648441036cf5ffc5225cd484e2c906d374f0a4b
Author: Michal Srb <msrb@suse.com>
Date:   Mon Nov 3 12:43:40 2014 +0200

    XIGrabDevice: Unlock display in error path.
    
    Signed-off-by: Michal Srb <msrb@suse.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 29c77457ad86966ae2204b865fb8b437269063c4
Author: Michal Srb <msrb@suse.com>
Date:   Sat Nov 1 20:00:57 2014 +0200

    Refactor XGetExtensionVersion.
    
    _XiGetExtensionVersion was called from XGetExtensionVersion and from
    _XiCheckExtInit. When called from _XiCheckExtInit, nothing accounted for the
    fact that it can return ((XExtensionVersion *) NoSuchExtension) in case of
    error. Also it recursively calls _XiCheckExtInit potentionally causing multiple
    unlocks if _XiCheckExtInit fails.
    -> Remove it and call directly _XiGetExtensionVersionRequest and only call
    _XiCheckExtInit only from XGetExtensionVersion.
    
    Signed-off-by: Michal Srb <msrb@suse.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 5810d0797160a97012664ffe719a59e1b288a525
Author: Michal Srb <msrb@suse.com>
Date:   Sat Nov 1 20:00:56 2014 +0200

    Fix logic in _XIAllowEvents and prevent double unlock.
    
    Replacing the second _XiCheckExtInit with _XiCheckVersion prevents possible
    double unlock as _XiCheckExtInit actually unlocks the display when it returns
    -1.
    
    Signed-off-by: Michal Srb <msrb@suse.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit f699770e7c92da1dbf16892fde83438f0b79c979
Author: Michal Srb <msrb@suse.com>
Date:   Sat Nov 1 20:00:54 2014 +0200

    XIGetClientPointer: Return False on error.
    
    Not NoSuchExtension which is 1 = True!
    
    Signed-off-by: Michal Srb <msrb@suse.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit dc1f8c6ec1ba8135afa185c8e8360c1ed90bf96c
Author: Michal Srb <msrb@suse.com>
Date:   Sat Nov 1 20:00:53 2014 +0200

    Do not return NoSuchExtension casted to pointer as an error.
    
    Several functions were returning NoSuchExtension casted to a pointer in case of
    an error. Often in parallel with returning NULL in case of another error. It is
    undocumented and certainly wrong.
    
    Signed-off-by: Michal Srb <msrb@suse.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 83261c52a17543437882e2863b7f06a92c9039f8
Author: Michal Srb <msrb@suse.com>
Date:   Sat Nov 1 20:00:52 2014 +0200

    XIChangeHierarchy: Add missing unlock.
    
    When num_changes <= 0 or Xmalloc fails, the display has to be unlocked.
    
    Signed-off-by: Michal Srb <msrb@suse.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 22ae8d4f26e92b17e1ce8239a38481933d6f1ca7
Author: Michal Srb <msrb@suse.com>
Date:   Sat Nov 1 20:00:51 2014 +0200

    Fix double unlock when _XiCheckExtInit return -1.
    
    _XiCheckExtInit unlocks the display if it fails and returns -1. Most callers
    account for it properly, but few didn't.
    
    Signed-off-by: Michal Srb <msrb@suse.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 71a42145b678be623e30bd5bf55833a04f14376f
Author: Julien Cristau <jcristau@debian.org>
Date:   Mon Oct 27 19:00:36 2014 +0100

    Advance the request buffer by the right amount in XIChangeHierarchy
    
    c->length is in 4-byte units, dptr is a char *, so we need to advance
    dptr by 4 * length to get the position of the next HierarchyChangeInfo.
    
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Julien Cristau <jcristau@debian.org>

commit 8c255b30f3a4ed8bf67e6bb76df47cbd480735f8
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Fri Jul 18 16:45:51 2014 +1000

    libXi 1.7.4
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit b731d1357d993663ee6b28d6627bdeba69b60dd2
Author: Owen W. Taylor <otaylor@fishsoup.net>
Date:   Fri Jul 11 15:13:54 2014 -0400

    Fix locking bugs with XIAllowTouchEvents() and XIUngrabTouchBegin()
    
    Fix two places where the display was double locked when an API
    function chained to an implementation that also locks the display.
    
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 0250f40fb7c9cb7d542189b9cd37e0ae75309729
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Jul 10 08:58:48 2014 +1000

    libXi 1.7.3
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit aa628936c7d81ff5fe2da62964dc543c67ec66f1
Author: Jasper St. Pierre <jstpierre@mecheye.net>
Date:   Tue Jul 8 17:01:04 2014 -0400

    XIPassiveGrab: Fix completely broken locking in XIGrabTouchBegin
    
    _XIPassiveGrabDevice calls LockDisplay as the first thing it does. That
    means that it expects the display to be unlocked. XIGrabTouchBegin locks
    the display to check for the XI extension, and then never unlocks it.
    Effectively, this meant that anybody that called XIGrabTouchBegin after
    XInitThreads just got a deadlock.
    
    Cool.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit eb0c522e0ce5763b6bf181f1236e78ca94f98b7e
Author: Jasper St. Pierre <jstpierre@mecheye.net>
Date:   Tue Jul 8 17:01:03 2014 -0400

    XIPassiveGrab: Fix display locking inside _XIPassiveGrabDevice for error paths
    
    The code here before would just leave the display locked on error, which is
    all sorts of broken.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 288f3362133a36e2c370eb34caf6b5ed6c0764ca
Author: Michael Joost <mehl@michael-joost.de>
Date:   Sat Nov 23 09:51:57 2013 -0800

    Remove fallback for _XEatDataWords, require libX11 1.6 for it
    
    _XEatDataWords was orignally introduced with the May 2013 security
    patches, and in order to ease the process of delivering those,
    fallback versions of _XEatDataWords were included in the X extension
    library patches so they could be applied to older versions that didn't
    have libX11 1.6 yet.   Now that we're past that hurdle, we can drop
    the fallbacks and just require libX11 1.6 for building new versions
    of the extension libraries.
    
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit c4b261d230a8ed7c04a140f65d40af86ea73f2fa
Author: Keith Packard <keithp@keithp.com>
Date:   Thu Jul 25 11:46:17 2013 -0700

    man: Update XIQueryVersion docs to match new version compatibility semantics
    
    The X server now allows clients to specify any combination of versions
    starting with version 2.2, document how that works.
    
    Signed-off-by: Keith Packard <keithp@keithp.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit b6553cdb36c1bd7071d3bf0493216c5483325716
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Wed Jul 3 10:28:10 2013 +1000

    libXi 1.7.2
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit d804af99e2dfaf20b99822066a37d586f12c8a5f
Author: Thomas Klausner <wiz@NetBSD.org>
Date:   Thu Jun 27 17:16:38 2013 +0200

    Remove check that can never be true.
    
    clang warns:
    warning: comparison of constant 268435455 with expression of type
    'CARD16' (aka 'unsigned short') is always false
    
    Signed-off-by: Thomas Klausner <wiz@NetBSD.org>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 957a9d64afd76f878ce6c5570f369e2a7fc1e772
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Jun 27 08:47:16 2013 +1000

    libXi 1.7.1.901
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 62033a9c83bcdc75b9f1452ce24729eefa8f4dc0
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Jun 27 06:25:02 2013 +1000

    Include limits.h to prevent build error: missing INT_MAX
    
    Introduced in 4c8e9bcab459ea5f870d3e56eff15f931807f9b7.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 0f3f5a36d5fc6dc53f69f48a0c83aef6a1fcf381
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue May 28 15:52:34 2013 +1000

    If the XGetDeviceDontPropagateList reply has an invalid length, return 0
    
    If we skip over the reply data, return 0 as number of event classes.
    
    Follow-up to 6dd6dc51a2935c72774be81e5cc2ba2c30e9feff.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 35ae16dc2f16b24a22625b2d9f76a2128b673a6c
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue May 28 15:52:33 2013 +1000

    Change size += to size = in XGetDeviceControl
    
    size += blah is technically correct but it implies that we're looping or
    otherwise incrementing the size. Which we don't, it's only ever set once.
    
    Change this to avoid reviewer confusion.
    
    Reported-by: Dave "color-me-confused" Airlie <airlied@redhat.com>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 4c8e9bcab459ea5f870d3e56eff15f931807f9b7
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue May 28 15:52:32 2013 +1000

    Fix potential corruption in mask_len handling
    
    First: check for allocation failure on the mask.
    XI2 requires that the mask is zeroed, so we can't just Data() the mask
    provided by the client (it will pad) - we need a tmp buffer. Make sure that
    doesn't fail.
    
    Second:
    req->mask_len is a uint16_t, so check against malicious mask_lens that would
    cause us to corrupt memory on copy, as the code always allocates
    req->mask_len * 4, but copies mask->mask_len bytes.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 661c45ca17c434dbd342a46fd3fb813852ae0ca9
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue May 21 12:23:05 2013 +1000

    Don't overwrite the cookies serial number
    
    serial != sequenceNumber, see _XSetLastRequestRead()
    
    cookie->serial is already set at this point, setting it again directly from
    the sequenceNumber of the event causes a bunch of weird issues such as
    scrollbars and text drag-n-drop breaking.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=965347
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 81b4df8ac6aa1520c41c3526961014a6f115cc46
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Mar 10 00:16:22 2013 -0800

    sign extension issue in XListInputDevices() [CVE-2013-1995]
    
    nptr is (signed) char, which can be negative, and will sign extend
    when added to the int size, which means size can be subtracted from,
    leading to allocating too small a buffer to hold the data being copied
    from the X server's reply.
    
    v2: check that string size fits inside the data read from the server,
        so that we don't read out of bounds either
    
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit ef82512288d8ca36ac0beeb289f158195b0a8cae
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Mar 10 00:22:14 2013 -0800

    Avoid integer overflow in XListInputDevices() [CVE-2013-1984 8/8]
    
    If the length of the reply as reported by the Xserver is too long, it
    could overflow the calculation for the size of the buffer to copy the
    reply into, causing memory corruption.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 17071c1c608247800b2ca03a35b1fcc9c4cabe6c
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Mar 10 13:30:55 2013 -0700

    Avoid integer overflow in XGetDeviceProperties() [CVE-2013-1984 7/8]
    
    If the number of items as reported by the Xserver is too large, it
    could overflow the calculation for the size of the buffer to copy the
    reply into, causing memory corruption.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 528419b9ef437e7eeafb41bf45e8ff7d818bd845
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 9 22:55:23 2013 -0800

    integer overflow in XIGetSelectedEvents() [CVE-2013-1984 6/8]
    
    If the number of events or masks reported by the server is large enough
    that it overflows when multiplied by the size of the appropriate struct,
    or the sizes overflow as they are totaled up, then memory corruption can
    occur when more bytes are copied from the X server reply than the size
    of the buffer we allocated to hold them.
    
    v2: check that reply size fits inside the data read from the server,
        so that we don't read out of bounds either
    
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 242f92b490a695fbab244af5bad11b71f897c732
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 9 22:55:23 2013 -0800

    integer overflow in XIGetProperty() [CVE-2013-1984 5/8]
    
    If the number of items reported by the server is large enough that
    it overflows when multiplied by the size of the appropriate item type,
    then memory corruption can occur when more bytes are copied from the
    X server reply than the size of the buffer we allocated to hold them.
    
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit bb922ed4253b35590f0369f32a917ff89ade0830
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 9 22:55:23 2013 -0800

    integer overflow in XGetDeviceMotionEvents() [CVE-2013-1984 4/8]
    
    If the number of events or axes reported by the server is large enough
    that it overflows when multiplied by the size of the appropriate struct,
    then memory corruption can occur when more bytes are copied from the
    X server reply than the size of the buffer we allocated to hold them.
    
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 6dd6dc51a2935c72774be81e5cc2ba2c30e9feff
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 9 22:55:23 2013 -0800

    integer overflow in XGetDeviceDontPropagateList() [CVE-2013-1984 3/8]
    
    If the number of event classes reported by the server is large enough
    that it overflows when multiplied by the size of the appropriate struct,
    then memory corruption can occur when more bytes are copied from the
    X server reply than the size of the buffer we allocated to hold them.
    
    V2: EatData if count is 0 but length is > 0 to avoid XIOErrors
    
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 322ee3576789380222d4403366e4fd12fb24cb6a
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 9 22:55:23 2013 -0800

    integer overflow in XGetFeedbackControl() [CVE-2013-1984 2/8]
    
    If the number of feedbacks reported by the server is large enough that
    it overflows when multiplied by the size of the appropriate struct, or
    if the total size of all the feedback structures overflows when added
    together, then memory corruption can occur when more bytes are copied from
    the X server reply than the size of the buffer we allocated to hold them.
    
    v2: check that reply size fits inside the data read from the server, so
        we don't read out of bounds either
    
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit b0b13c12a8079a5a0e7f43b2b8983699057b2cec
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 9 22:55:23 2013 -0800

    integer overflow in XGetDeviceControl() [CVE-2013-1984 1/8]
    
    If the number of valuators reported by the server is large enough that
    it overflows when multiplied by the size of the appropriate struct, then
    memory corruption can occur when more bytes are copied from the X server
    reply than the size of the buffer we allocated to hold them.
    
    v2: check that reply size fits inside the data read from the server, so
    we don't read out of bounds either
    
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

commit 5398ac0797f7516f2c9b8f2869a6c6d071437352
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Apr 26 22:48:36 2013 -0700

    unvalidated lengths in XQueryDeviceState() [CVE-2013-1998 3/3]
    
    If the lengths given for each class state in the reply add up to more
    than the rep.length, we could read past the end of the buffer allocated
    to hold the data read from the server.
[--snip--]
