nx-libs - NXv3 (redistributed)

diff options

author	Alan Coopersmith <alan.coopersmith@oracle.com>	2014-01-22 22:37:15 -0800
committer	Mike Gabriel <mike.gabriel@das-netzwerkteam.de>	2015-02-14 16:14:32 +0100
commit	ed1e13a1f4e316bcf0dc0d4b2c16b1df3f075005 (patch)
tree	37604d6c64ea88fd97a25c78d49d6d0a50ce99a8 /debian/libnx-xdmcp6.symbols
parent	d4c76981f7fddb364166464c571ed8d3de3086cd (diff)
download	nx-libs-ed1e13a1f4e316bcf0dc0d4b2c16b1df3f075005.tar.gz nx-libs-ed1e13a1f4e316bcf0dc0d4b2c16b1df3f075005.tar.bz2 nx-libs-ed1e13a1f4e316bcf0dc0d4b2c16b1df3f075005.zip

dix: integer overflow in RegionSizeof() [CVE-2014-8092 3/4]

RegionSizeof contains several integer overflows if a large length value is passed in. Once we fix it to return 0 on overflow, we also have to fix the callers to handle this error condition v2: Fixed limit calculation in RegionSizeof as pointed out by jcristau. v3: backport to nx-libs 3.6.x (Mike DePaulo) Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Reviewed-by: Julien Cristau <jcristau@debian.org> Conflicts: dix/region.c include/regionstr.h

Diffstat (limited to 'debian/libnx-xdmcp6.symbols')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: