mirror of
https://github.com/X11Libre/xserver.git
synced 2026-04-14 17:18:09 +00:00
Fix for a divide by zero that can be triggered by a malicious client.
Problem reported by Derek Abdine of rapid7.com. Thanks.
This commit is contained in:
committed by
Matthieu Herrb
parent
873ef75b1e
commit
71fc5b3e93
@@ -117,6 +117,9 @@ fbRasterizeTrapezoid (PicturePtr pPicture,
|
||||
RenderEdge l, r;
|
||||
xFixed t, b;
|
||||
|
||||
if (!xTrapezoidValid (trap))
|
||||
return;
|
||||
|
||||
fbGetDrawable (pPicture->pDrawable, buf, stride, bpp, pxoff, pyoff);
|
||||
|
||||
width = pPicture->pDrawable->width;
|
||||
|
||||
@@ -143,6 +143,7 @@ RenderEdgeInit (RenderEdge *e,
|
||||
dx = x_bot - x_top;
|
||||
dy = y_bot - y_top;
|
||||
e->dy = dy;
|
||||
e->dx = 0;
|
||||
if (dy)
|
||||
{
|
||||
if (dx >= 0)
|
||||
|
||||
Reference in New Issue
Block a user