scorpionit / rpms / xorg-x11-server

Forked from rpms/xorg-x11-server 4 years ago
Clone
Source Code
GIT

Blame cve-2008-0006-server-fixup.patch

ajax/upstream f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f7 f8 f9 master olpc2 olpc3 private-1_2-branch private-unbreak-domain-branch
  1.   e20d4ef28d426fff3594c713eeee2cd9914fe1a1
  2.   cve-2008-0006-server-fixup.patch
Blob History Raw
e20d4ef 
diff -up xorg-x11-6.8.2/xc/programs/Xserver/dix/dixfonts.c.jx xorg-x11-6.8.2/xc/programs/Xserver/dix/dixfonts.c
e20d4ef 
--- xorg-x11-6.8.2/xc/programs/Xserver/dix/dixfonts.c.jx	2004-04-23 15:04:44.000000000 -0400
e20d4ef 
+++ xorg-x11-server/dix/dixfonts.c	2008-01-14 11:15:00.000000000 -0500
e20d4ef 
@@ -339,6 +339,13 @@ doOpenFont(ClientPtr client, OFclosurePt
e20d4ef 
 	err = BadFontName;
e20d4ef 
 	goto bail;
e20d4ef 
     }
e20d4ef 
+    /* check values for firstCol, lastCol, firstRow, and lastRow */
e20d4ef 
+    if (pfont->info.firstCol > pfont->info.lastCol ||
e20d4ef 
+	pfont->info.firstRow > pfont->info.lastRow ||
e20d4ef 
+	pfont->info.lastCol - pfont->info.firstCol > 255) {
e20d4ef 
+	err = AllocError;
e20d4ef 
+	goto bail;
e20d4ef 
+    }
e20d4ef 
     if (!pfont->fpe)
e20d4ef 
 	pfont->fpe = fpe;
e20d4ef 
     pfont->refcnt++;
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.