aboutsummaryrefslogtreecommitdiff
path: root/nx-X11
diff options
context:
space:
mode:
authorMihai Moldovan <ionic@ionic.de>2015-02-16 05:55:23 +0100
committerMihai Moldovan <ionic@ionic.de>2015-02-16 05:55:23 +0100
commit03a2922d9cc17af26bd91d4a471061c54db50789 (patch)
treeed620f6a17af7a6f777aeadb94bbb986ee55c24e /nx-X11
parent31322c2bd9be76493a5a04a23ea68e063fe3b7e6 (diff)
downloadnx-libs-03a2922d9cc17af26bd91d4a471061c54db50789.tar.gz
nx-libs-03a2922d9cc17af26bd91d4a471061c54db50789.tar.bz2
nx-libs-03a2922d9cc17af26bd91d4a471061c54db50789.zip
Revert "dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]"
This reverts commit d4c76981f7fddb364166464c571ed8d3de3086cd.
Diffstat (limited to 'nx-X11')
-rw-r--r--nx-X11/programs/Xserver/os/access.c6
1 files changed, 0 insertions, 6 deletions
diff --git a/nx-X11/programs/Xserver/os/access.c b/nx-X11/programs/Xserver/os/access.c
index 0e9d13845..b6a70a703 100644
--- a/nx-X11/programs/Xserver/os/access.c
+++ b/nx-X11/programs/Xserver/os/access.c
@@ -1719,10 +1719,6 @@ GetHosts (
{
nHosts++;
n += (((host->len + 3) >> 2) << 2) + sizeof(xHostEntry);
- /* Could check for INT_MAX, but in reality having more than 1mb of
- hostnames in the access list is ridiculous */
- if (n >= 1048576)
- break;
}
if (n)
{
@@ -1734,8 +1730,6 @@ GetHosts (
for (host = validhosts; host; host = host->next)
{
len = host->len;
- if ((ptr + sizeof(xHostEntry) + len) > (data + n))
- break;
((xHostEntry *)ptr)->family = host->family;
((xHostEntry *)ptr)->length = len;
ptr += sizeof(xHostEntry);