aboutsummaryrefslogtreecommitdiff
path: root/debian/patches/1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch')
-rw-r--r--debian/patches/1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch29
1 files changed, 29 insertions, 0 deletions
diff --git a/debian/patches/1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch b/debian/patches/1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch
new file mode 100644
index 000000000..342728ef6
--- /dev/null
+++ b/debian/patches/1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch
@@ -0,0 +1,29 @@
+From 0d53194f7ef5980a7cd78950a4f3eb2b56e65746 Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date: Sun, 26 Jan 2014 17:18:54 -0800
+Subject: [PATCH 25/40] xcmisc: unvalidated length in SProcXCMiscGetXIDList()
+ [CVE-2014-8096]
+
+v2: backport to nx-libs 3.6.x (Mike DePaulo)
+
+Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
+---
+ nx-X11/programs/Xserver/Xext/xcmisc.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/nx-X11/programs/Xserver/Xext/xcmisc.c b/nx-X11/programs/Xserver/Xext/xcmisc.c
+index c7bb72d..0a9a090 100644
+--- a/nx-X11/programs/Xserver/Xext/xcmisc.c
++++ b/nx-X11/programs/Xserver/Xext/xcmisc.c
+@@ -228,6 +228,7 @@ SProcXCMiscGetXIDList(client)
+ {
+ register int n;
+ REQUEST(xXCMiscGetXIDListReq);
++ REQUEST_SIZE_MATCH(xXCMiscGetXIDListReq);
+
+ swaps(&stuff->length, n);
+ swapl(&stuff->count, n);
+--
+2.1.4
+