XLibre/xserver
1
1
Fork 0
mirror of https://github.com/X11Libre/xserver.git synced 2026-04-14 17:18:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3df2fcf12499ebdb26b9b67419ea485a42041f33
xserver/dix
History
Alan Coopersmith 97015a07b9 dix: integer overflow in RegionSizeof() [CVE-2014-8092 3/4] 
RegionSizeof contains several integer overflows if a large length
value is passed in.  Once we fix it to return 0 on overflow, we
also have to fix the callers to handle this error condition

v2: Fixed limit calculation in RegionSizeof as pointed out by jcristau.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Julien Cristau <jcristau@debian.org>
2014-12-08 18:09:47 -08:00
..
.gitignore
atom.c
buildatoms
BuiltInAtoms
colormap.c
cursor.c
devices.c
dispatch.c
dispatch.h
dixfonts.c
dixutils.c
enterleave.c
enterleave.h
eventconvert.c
events.c
extension.c
ffs.c
gc.c
getevents.c
globals.c
glyphcurs.c
grabs.c
initatoms.c
inpututils.c
main.c
Makefile.am
pixmap.c
privates.c
property.c
protocol.txt
ptrveloc.c
region.c
registry.c
resource.c
selection.c
stubmain.c
swaprep.c
swapreq.c
tables.c
touch.c
window.c
Xserver-dtrace.h.in
Xserver.d