diff options
Diffstat (limited to 'debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch')
| -rw-r--r-- | debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch b/debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch deleted file mode 100644 index 106231983..000000000 --- a/debian/patches/0110_nxagent_createpixmap-bounds-check.full.patch +++ /dev/null @@ -1,44 +0,0 @@ -Description: Avoid large pixmaps - It is allowed to try and allocate a pixmap which is larger than - 32767 in either dimension. However, all of the framebuffer code - is buggy and does not reliably draw to such big pixmaps, basically - because the Region data structure operates with signed shorts - for the rectangles in it. - . - Furthermore, several places in the X server computes the - size in bytes of the pixmap and tries to store it in an - integer. This integer can overflow and cause the allocated size - to be much smaller. - . - So, such big pixmaps are rejected here with a BadAlloc - . - Originally contributed by FreeNX Team -Forwarded: pending... -Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> -Last-Update: 2011-12-31 ---- a/nx-X11/programs/Xserver/hw/nxagent/NXdispatch.c -+++ b/nx-X11/programs/Xserver/hw/nxagent/NXdispatch.c -@@ -1973,6 +1973,23 @@ ProcCreatePixmap(client) - client->errorValue = 0; - return BadValue; - } -+ if (stuff->width > 32767 || stuff->height > 32767) -+ { -+ /* It is allowed to try and allocate a pixmap which is larger than -+ * 32767 in either dimension. However, all of the framebuffer code -+ * is buggy and does not reliably draw to such big pixmaps, basically -+ * because the Region data structure operates with signed shorts -+ * for the rectangles in it. -+ * -+ * Furthermore, several places in the X server computes the -+ * size in bytes of the pixmap and tries to store it in an -+ * integer. This integer can overflow and cause the allocated size -+ * to be much smaller. -+ * -+ * So, such big pixmaps are rejected here with a BadAlloc -+ */ -+ return BadAlloc; -+ } - if (stuff->depth != 1) - { - pDepth = pDraw->pScreen->allowedDepths; |