aboutsummaryrefslogtreecommitdiff
path: root/nx-X11/programs/Xserver/os/rpcauth.c
Commit message (Collapse)AuthorAgeFilesLines
* Replace 'pointer' type with 'void *'Keith Packard2015-12-281-2/+2
| | | | | | | | | | This lets us stop using the 'pointer' typedef in Xdefs.h as 'pointer' is used throughout the X server for other things, and having duplicate names generates compiler warnings. Signed-off-by: Keith Packard <keithp@keithp.com> Reviewed-by: Eric Anholt <eric@anholt.net> Rebased against NX: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
* unchecked malloc may allow unauthed client to crash Xserver [CVE-2014-8091]Alan Coopersmith2015-02-141-0/+4
| | | | | | | | | | | | | | | | | | authdes_ezdecode() calls malloc() using a length provided by the connection handshake sent by a newly connected client in order to authenticate to the server, so should be treated as untrusted. It didn't check if malloc() failed before writing to the newly allocated buffer, so could lead to a server crash if the server fails to allocate memory (up to UINT16_MAX bytes, since the len field is a CARD16 in the X protocol). Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> Conflicts: os/rpcauth.c
* Imported nx-X11-3.1.0-1.tar.gznx-X11/3.1.0-1Reinhard Tartler2011-10-101-0/+204
Summary: Imported nx-X11-3.1.0-1.tar.gz Keywords: Imported nx-X11-3.1.0-1.tar.gz into Git repository