aboutsummaryrefslogtreecommitdiff
path: root/debian/patches/1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch
blob: 342728ef65ae1992874a85957c058c5f0e511713 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

From 0d53194f7ef5980a7cd78950a4f3eb2b56e65746 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun, 26 Jan 2014 17:18:54 -0800
Subject: [PATCH 25/40] xcmisc: unvalidated length in SProcXCMiscGetXIDList()
 [CVE-2014-8096]

v2: backport to nx-libs 3.6.x (Mike DePaulo)

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
---
 nx-X11/programs/Xserver/Xext/xcmisc.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nx-X11/programs/Xserver/Xext/xcmisc.c b/nx-X11/programs/Xserver/Xext/xcmisc.c
index c7bb72d..0a9a090 100644
--- a/nx-X11/programs/Xserver/Xext/xcmisc.c
+++ b/nx-X11/programs/Xserver/Xext/xcmisc.c
@@ -228,6 +228,7 @@ SProcXCMiscGetXIDList(client)
 {
     register int n;
     REQUEST(xXCMiscGetXIDListReq);
+    REQUEST_SIZE_MATCH(xXCMiscGetXIDListReq);
 
     swaps(&stuff->length, n);
     swapl(&stuff->count, n);
-- 
2.1.4
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-04 22:06:34 +0000