aboutsummaryrefslogtreecommitdiff
path: root/nx-X11/programs
diff options
context:
space:
mode:
authorJoerg Sonnenberger <joerg@britannica.bec.de>2011-08-21 18:51:53 +0200
committerMike Gabriel <mike.gabriel@das-netzwerkteam.de>2015-02-16 10:29:36 +0100
commit65deb86f8dab0c88e051b5ac416b7907433aa849 (patch)
tree9ae30435d3722d0e5245841e8c3d344d6aae94d2 /nx-X11/programs
parent18e337ddf410accec5bdf18c5d28bbd5f3ace7cb (diff)
downloadnx-libs-65deb86f8dab0c88e051b5ac416b7907433aa849.tar.gz
nx-libs-65deb86f8dab0c88e051b5ac416b7907433aa849.tar.bz2
nx-libs-65deb86f8dab0c88e051b5ac416b7907433aa849.zip
Do proper input validation to fix for CVE-2011-2895.
It ensures that all valid input can be decompressed, checks that the overflow conditions doesn't happen and generally tightens the validation of the LZW stream and doesn't pessimize the inner loop for no good reason. It's derived from a change in libarchive from 2004. v2: backports to nx-libs 3.6.x (Mihai Moldovan) v3: fix comment lines starting with "+" + whitespace fixes (Mike Gabriel) Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr> Reviewed-by: Tomas Hoger <thoger@redhat.com>
Diffstat (limited to 'nx-X11/programs')
0 files changed, 0 insertions, 0 deletions