aboutsummaryrefslogtreecommitdiff
path: root/nx-X11/lib/X11/GetImage.c
diff options
context:
space:
mode:
authorAlan Coopersmith <alan.coopersmith@oracle.com>2013-03-08 22:25:35 -0800
committerUlrich Sibiller <uli42@gmx.de>2016-10-12 09:34:38 +0200
commit361d36770ba3ceef0272e53c59c169f16f16ecf6 (patch)
tree1b0765771257b613cca09318275cb4edd4521bbd /nx-X11/lib/X11/GetImage.c
parent25172302a39c4e0c90dffbdcfa88b99ac442a2f9 (diff)
downloadnx-libs-361d36770ba3ceef0272e53c59c169f16f16ecf6.tar.gz
nx-libs-361d36770ba3ceef0272e53c59c169f16f16ecf6.tar.bz2
nx-libs-361d36770ba3ceef0272e53c59c169f16f16ecf6.zip
integer overflow in XGetWindowProperty() [CVE-2013-1981 10/13]
If the reported number of properties is too large, the calculations to allocate memory for them may overflow, leaving us returning less memory to the caller than implied by the value written to *nitems. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr> Signed-off-by: Julien Cristau <jcristau@debian.org> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
Diffstat (limited to 'nx-X11/lib/X11/GetImage.c')
0 files changed, 0 insertions, 0 deletions