upas: don't hardcode path for rc(1)

sam: use get9root instead of duplicating the logic

lib9: pass $PLAN9_TARGET via CPP for get9root fallback value Allows this function to always return the proper path in situations where the $PLAN9 environment variable is not set, i.e. a rc login shell.

INSTALL: Always set PLAN9_TARGET environment variable That is, not only when -r was given. This allows using this veriable in mkfiles across the code base.

Added a paren to fix a warning in u.h

factotum: plug a memory leak in apop

fontsrv: always compute new height and ascent for the font file

devdraw/x11: fix modifier key handling for some XkbOptions Certain XkbOptions in X11 would change keysyms for modifier keys between the key press and key release. For example, under the XkbOptions "grp:shifts_toggle", though shift keys remain Shift_L/R when pressed, they become ISO_Group_Next/Prev when released. This behavior makes devdraw unable to detect the release event correctly and as a result mouse button 1 click always interpreted as button 3 event after a shift key is used.

Bail out if convW2M(...) indicates failure.

libdraw: fix out-of-bounds access to local buffer in event.c:startrpc() The function `startrpc()` stack allocates a local buffer of size 100: ```c static Muxrpc* startrpc(int type) { uchar buf[100]; ^^^^^^^^ Wsysmsg w; w.type = type; convW2M(&w, buf, sizeof buf); return muxrpcstart(display->mux, buf); } ``` The function `convW2M()` is called passing `buf`. That function accesses `buf` out-of-bounds: ```c uint convW2M(Wsysmsg *m, uchar *p, uint n) { ... case Tcursor2: PUT(p+6, m->cursor.offset.x); PUT(p+10, m->cursor.offset.y); memmove(p+14, m->cursor.clr, sizeof m->cursor.clr); memmove(p+46, m->cursor.set, sizeof m->cursor.set); PUT(p+78, m->cursor2.offset.x); PUT(p+82, m->cursor2.offset.y); memmove(p+86, m->cursor2.clr, sizeof m->cursor2.clr); memmove(p+214, m->cursor2.set, sizeof m->cursor2.set); p[342] = m->arrowcursor; ^^^^^^ ``` To fix the issue the size of local variable `buf` is increased from 100 to 512 to avoid out-of-bounds array access.

fossil: fix EOF detection when reading 9P message When the 9P connection is closed, reads on the connection will keep returning 0. So, fossil ends up looping forever, trying to read a 9P message, consuming 100% CPU. The fix interprets 0 bytes read as EOF. Reproduce by killing the 9pserve process serving the fossil service, or by listening on tcp and using 9p(1).

deroff: fix out-of-bounds access if runes above 0X80 are inside EQ clauses

trim button & modbutton images

make sure border has correct height

src/cmd/fontsrv: pad subfile names to support correct file length For fonts with subfiles that go beyond the xffff range, the font file size calculation is incorrect, since lines beyond that range have additional characters. This patch pads all of the ranges and subfont names with leading zeros in order to keep them all lines the same length and fixes the font file length calculation.