diff options
author | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2011-12-29 11:01:23 +0100 |
---|---|---|
committer | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2011-12-29 11:01:23 +0100 |
commit | dda2c7cd629ebd5e3ad3441708cb835bb92dcd54 (patch) | |
tree | c533932a4c96b4fe5b67d781601b95ad3cdcec47 /debian/patches | |
parent | c93ae969714ee4c0a3564ebde5e6927ddb14e690 (diff) | |
download | nx-libs-dda2c7cd629ebd5e3ad3441708cb835bb92dcd54.tar.gz nx-libs-dda2c7cd629ebd5e3ad3441708cb835bb92dcd54.tar.bz2 nx-libs-dda2c7cd629ebd5e3ad3441708cb835bb92dcd54.zip |
Rename patch: 008_nxproxy_add-nx-proxy-wrapper.patch to 008_nxproxy_add-nxproxy-wrapper.patch. Add patch from FreeNX patchset: 110_nxagent_createpixmap-bounds-check.patch.
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/008_nxproxy_add-nxproxy-wrapper.patch (renamed from debian/patches/008_nxproxy_add-nx-proxy-wrapper.patch) | 0 | ||||
-rw-r--r-- | debian/patches/110_nxagent_createpixmap-bounds-check.patch | 26 | ||||
-rw-r--r-- | debian/patches/series | 3 |
3 files changed, 28 insertions, 1 deletions
diff --git a/debian/patches/008_nxproxy_add-nx-proxy-wrapper.patch b/debian/patches/008_nxproxy_add-nxproxy-wrapper.patch index 9c208e2e8..9c208e2e8 100644 --- a/debian/patches/008_nxproxy_add-nx-proxy-wrapper.patch +++ b/debian/patches/008_nxproxy_add-nxproxy-wrapper.patch diff --git a/debian/patches/110_nxagent_createpixmap-bounds-check.patch b/debian/patches/110_nxagent_createpixmap-bounds-check.patch new file mode 100644 index 000000000..a5d4c3afa --- /dev/null +++ b/debian/patches/110_nxagent_createpixmap-bounds-check.patch @@ -0,0 +1,26 @@ +--- a/nx-X11/programs/Xserver/hw/nxagent/NXdispatch.c ++++ b/nx-X11/programs/Xserver/hw/nxagent/NXdispatch.c +@@ -1973,6 +1973,23 @@ + client->errorValue = 0; + return BadValue; + } ++ if (stuff->width > 32767 || stuff->height > 32767) ++ { ++ /* It is allowed to try and allocate a pixmap which is larger than ++ * 32767 in either dimension. However, all of the framebuffer code ++ * is buggy and does not reliably draw to such big pixmaps, basically ++ * because the Region data structure operates with signed shorts ++ * for the rectangles in it. ++ * ++ * Furthermore, several places in the X server computes the ++ * size in bytes of the pixmap and tries to store it in an ++ * integer. This integer can overflow and cause the allocated size ++ * to be much smaller. ++ * ++ * So, such big pixmaps are rejected here with a BadAlloc ++ */ ++ return BadAlloc; ++ } + if (stuff->depth != 1) + { + pDepth = pDraw->pScreen->allowedDepths; diff --git a/debian/patches/series b/debian/patches/series index e128385eb..1a6698661 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -5,7 +5,7 @@ 005_nxagent_add-nxagent-wrapper.patch 006_remove-configure-files.patch 007_nxcompshad_clean-gch-files.patch -008_nxproxy_add-nx-proxy-wrapper.patch +008_nxproxy_add-nxproxy-wrapper.patch 009_nxproxy_add-man-page.patch 010_nxauth_fix-binary-name-in-man-page.patch 011_nxauth_add-nxauth-wrapper.patch @@ -23,4 +23,5 @@ 107_nxagent_clipboard-compound-text+small-bed-sheets.patch 108_nxagent_wine-close-delay.patch 109_nxagent_locale-utf8-compound-text.patch +110_nxagent_createpixmap-bounds-check.patch 200_nxagent_unbrand-agent.patch |