Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 155987 Details for
Bug 225419
x11-base/xorg-server Multiple vulnerabilities in X server extensions (CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
cve-2008-1379
xorg-xserver-1.4-cve-2008-1379.diff (text/plain), 754 bytes, created by
Matthias Geerdsen (RETIRED)
on 2008-06-08 18:44:28 UTC
(
hide
)
Description:
cve-2008-1379
Filename:
MIME Type:
Creator:
Matthias Geerdsen (RETIRED)
Created:
2008-06-08 18:44:28 UTC
Size:
754 bytes
patch
obsolete
>diff --git a/Xext/shm.c b/Xext/shm.c >index ac587be..e08df36 100644 >--- a/Xext/shm.c >+++ b/Xext/shm.c >@@ -831,8 +831,17 @@ ProcShmPutImage(client) > return BadValue; > } > >- VERIFY_SHMSIZE(shmdesc, stuff->offset, length * stuff->totalHeight, >- client); >+ /* >+ * There's a potential integer overflow in this check: >+ * VERIFY_SHMSIZE(shmdesc, stuff->offset, length * stuff->totalHeight, >+ * client); >+ * the version below ought to avoid it >+ */ >+ if (stuff->totalHeight != 0 && >+ length > (shmdesc->size - stuff->offset)/stuff->totalHeight) { >+ client->errorValue = stuff->totalWidth; >+ return BadValue; >+ } > if (stuff->srcX > stuff->totalWidth) > { > client->errorValue = stuff->srcX;
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 225419
:
155985
| 155987 |
155989
|
155991
|
155993
|
156325