diff options
author | Keith Packard <keithp@keithp.com> | 2015-05-01 13:09:24 +0200 |
---|---|---|
committer | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2015-05-01 13:17:03 +0200 |
commit | dba779d9f99ab2fc6bf05c78515dbdd82840cadd (patch) | |
tree | f962041d8bb5b2bc956ecb673dd434c60aebbb95 /nx-X11/programs/Xserver/xfixes | |
parent | 7ccbb073f83b7aa8d0f154b34693b1075e455bd8 (diff) | |
download | nx-libs-dba779d9f99ab2fc6bf05c78515dbdd82840cadd.tar.gz nx-libs-dba779d9f99ab2fc6bf05c78515dbdd82840cadd.tar.bz2 nx-libs-dba779d9f99ab2fc6bf05c78515dbdd82840cadd.zip |
dix: Allow zero-height PutImage requests (fix for X.Org's CVE-2015-3418).
The length checking code validates PutImage height and byte width by
making sure that byte-width >= INT32_MAX / height. If height is zero,
this generates a divide by zero exception. Allow zero height requests
explicitly, bypassing the INT32_MAX check.
Fix for regression introduced by fix for CVE-2014-8092.
v2: backports to nx-libs 3.6.x (Mike Gabriel)
Signed-off-by: Keith Packard <keithp@keithp.com>
Diffstat (limited to 'nx-X11/programs/Xserver/xfixes')
0 files changed, 0 insertions, 0 deletions