From 03a2922d9cc17af26bd91d4a471061c54db50789 Mon Sep 17 00:00:00 2001
From: Mihai Moldovan <ionic@ionic.de>
Date: Mon, 16 Feb 2015 05:55:23 +0100
Subject: Revert "dix: integer overflow in GetHosts() [CVE-2014-8092 2/4]"

This reverts commit d4c76981f7fddb364166464c571ed8d3de3086cd.
---
 nx-X11/programs/Xserver/os/access.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/nx-X11/programs/Xserver/os/access.c b/nx-X11/programs/Xserver/os/access.c
index 0e9d13845..b6a70a703 100644
--- a/nx-X11/programs/Xserver/os/access.c
+++ b/nx-X11/programs/Xserver/os/access.c
@@ -1719,10 +1719,6 @@ GetHosts (
     {
 	nHosts++;
 	n += (((host->len + 3) >> 2) << 2) + sizeof(xHostEntry);
-        /* Could check for INT_MAX, but in reality having more than 1mb of
-           hostnames in the access list is ridiculous */
-        if (n >= 1048576)
-            break;
     }
     if (n)
     {
@@ -1734,8 +1730,6 @@ GetHosts (
         for (host = validhosts; host; host = host->next)
 	{
 	    len = host->len;
-            if ((ptr + sizeof(xHostEntry) + len) > (data + n))
-                break;
 	    ((xHostEntry *)ptr)->family = host->family;
 	    ((xHostEntry *)ptr)->length = len;
 	    ptr += sizeof(xHostEntry);
-- 
cgit v1.2.3