aboutsummaryrefslogtreecommitdiff
path: root/nxcompshad/Shadow.cpp
diff options
context:
space:
mode:
authorMike DePaulo <mikedep333@gmail.com>2015-02-08 22:08:09 -0500
committerMihai Moldovan <ionic@ionic.de>2015-02-16 05:47:25 +0100
commite29bbd5bf0565eaf7c02f85a57b87f66531fa6b3 (patch)
tree3c598bba4ffeb3b41b927d4cae846d4c190f9108 /nxcompshad/Shadow.cpp
parent5fc2f57fb5520bb61e2c1f8b6fd2522b203b3b9d (diff)
downloadnx-libs-e29bbd5bf0565eaf7c02f85a57b87f66531fa6b3.tar.gz
nx-libs-e29bbd5bf0565eaf7c02f85a57b87f66531fa6b3.tar.bz2
nx-libs-e29bbd5bf0565eaf7c02f85a57b87f66531fa6b3.zip
CVE-2014-0210: unvalidated length fields in fs_read_query_info() from xorg/lib/libXfont commit 491291cabf78efdeec8f18b09e14726a9030cc8f
fs_read_query_info() parses a reply from the font server. The reply contains embedded length fields, none of which are validated. This can cause out of bound reads in either fs_read_query_info() or in _fs_convert_props() which it calls to parse the fsPropInfo in the reply. v2: apply correctly on nx-libs 3.6.x (Mihai Moldovan)
Diffstat (limited to 'nxcompshad/Shadow.cpp')
0 files changed, 0 insertions, 0 deletions