diff options
| author | Mihai Moldovan <ionic@ionic.de> | 2017-12-15 12:55:17 +0100 |
|---|---|---|
| committer | Mihai Moldovan <ionic@ionic.de> | 2017-12-15 12:55:17 +0100 |
| commit | 1dad092caf01d733990648e6df64cbf964df5143 (patch) | |
| tree | 39de0e643e76754a3e23ca9dd0350b8ba4f76250 /debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch | |
| parent | 6d70b9e3c47f27a166f4aacb522c5c1e49092dd9 (diff) | |
| parent | 2b9025f797ee322e21077e100c2ee27c2e7fa0e0 (diff) | |
| download | nx-libs-1dad092caf01d733990648e6df64cbf964df5143.tar.gz nx-libs-1dad092caf01d733990648e6df64cbf964df5143.tar.bz2 nx-libs-1dad092caf01d733990648e6df64cbf964df5143.zip | |
Merge branch '3.6.x'
Diffstat (limited to 'debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch')
| -rw-r--r-- | debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch b/debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch deleted file mode 100644 index 106231983..000000000 --- a/debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch +++ /dev/null @@ -1,44 +0,0 @@ -Description: Avoid large pixmaps - It is allowed to try and allocate a pixmap which is larger than - 32767 in either dimension. However, all of the framebuffer code - is buggy and does not reliably draw to such big pixmaps, basically - because the Region data structure operates with signed shorts - for the rectangles in it. - . - Furthermore, several places in the X server computes the - size in bytes of the pixmap and tries to store it in an - integer. This integer can overflow and cause the allocated size - to be much smaller. - . - So, such big pixmaps are rejected here with a BadAlloc - . - Originally contributed by FreeNX Team -Forwarded: pending... -Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> -Last-Update: 2011-12-31 ---- a/nx-X11/programs/Xserver/hw/nxagent/NXdispatch.c -+++ b/nx-X11/programs/Xserver/hw/nxagent/NXdispatch.c -@@ -1973,6 +1973,23 @@ ProcCreatePixmap(client) - client->errorValue = 0; - return BadValue; - } -+ if (stuff->width > 32767 || stuff->height > 32767) -+ { -+ /* It is allowed to try and allocate a pixmap which is larger than -+ * 32767 in either dimension. However, all of the framebuffer code -+ * is buggy and does not reliably draw to such big pixmaps, basically -+ * because the Region data structure operates with signed shorts -+ * for the rectangles in it. -+ * -+ * Furthermore, several places in the X server computes the -+ * size in bytes of the pixmap and tries to store it in an -+ * integer. This integer can overflow and cause the allocated size -+ * to be much smaller. -+ * -+ * So, such big pixmaps are rejected here with a BadAlloc -+ */ -+ return BadAlloc; -+ } - if (stuff->depth != 1) - { - pDepth = pDraw->pScreen->allowedDepths; |