aboutsummaryrefslogtreecommitdiff
path: root/nxcomp/SendEvent.h
diff options
context:
space:
mode:
authorJulien Cristau <jcristau@debian.org>2013-05-23 20:39:46 +0200
committerUlrich Sibiller <uli42@gmx.de>2016-10-19 21:40:27 +0200
commit78ed233308babdeb428d9292f7e40e438e9b2efd (patch)
tree72d7d6b2732b658538d1037f0060866a16bcc848 /nxcomp/SendEvent.h
parent082e831303bb8c8c63ce40d79bee10855112c014 (diff)
downloadnx-libs-78ed233308babdeb428d9292f7e40e438e9b2efd.tar.gz
nx-libs-78ed233308babdeb428d9292f7e40e438e9b2efd.tar.bz2
nx-libs-78ed233308babdeb428d9292f7e40e438e9b2efd.zip
xkb: fix off-by-one in _XkbReadGetNamesReply and _XkbReadVirtualModMap
The size of the arrays is max_key_code + 1. This makes these functions consistent with the other checks added for CVE-2013-1997. Also check the XkbGetNames reply when names->keys was just allocated. Signed-off-by: Julien Cristau <jcristau@debian.org> Tested-by: Colin Walters <walters@verbum.org> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
Diffstat (limited to 'nxcomp/SendEvent.h')
0 files changed, 0 insertions, 0 deletions