ports/x11-servers/xorg-server/files/patch-CVE-2017-12178
Koop Mast 05d144d761 Fix security issues: CVE-2017-12176 through CVE-2017-12187 in xorg-server.
Bump all the slaves due to not being sure where the shared code is used.

MFH:		2017Q4
Security:	7274e0cc-575f-41bc-8619-14a41b3c2ad0
2017-10-13 19:14:53 +00:00

From 6c15122163a2d2615db7e998e8d436815a08dec6 Mon Sep 17 00:00:00 2001
From: Nathan Kidd <nkidd@opentext.com>
Date: Wed, 24 Dec 2014 16:22:18 -0500
Subject: Xi: fix wrong extra length check in ProcXIChangeHierarchy
(CVE-2017-12178)
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Reviewed-by: Julien Cristau <jcristau@debian.org>
Signed-off-by: Nathan Kidd <nkidd@opentext.com>
Signed-off-by: Julien Cristau <jcristau@debian.org>
(cherry picked from commit 859b08d523307eebde7724fd1a0789c44813e821)
diff --git a/Xi/xichangehierarchy.c b/Xi/xichangehierarchy.c
index f2b7785..7286eff 100644
--- Xi/xichangehierarchy.c
+++ Xi/xichangehierarchy.c
@@ -423,7 +423,7 @@ ProcXIChangeHierarchy(ClientPtr client)
if (!stuff->num_changes)
return rc;
- len = ((size_t)stuff->length << 2) - sizeof(xXIAnyHierarchyChangeInfo);
+ len = ((size_t)stuff->length << 2) - sizeof(xXIChangeHierarchyReq);
any = (xXIAnyHierarchyChangeInfo *) &stuff[1];
while (stuff->num_changes--) {
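Review bot: on the changed `len =` line the subtraction is carried out in `size_t`, so a request whose `stuff->length << 2` is smaller than `sizeof(xXIChangeHierarchyReq)` would wrap around to a very large remaining length. Nothing in the visible context shows a minimum-size check before this point, so confirm that one (such as `REQUEST_AT_LEAST_SIZE(xXIChangeHierarchyReq)`) runs earlier in the function. A short comment above the assignment would also help future readers: because `any` starts at `&stuff[1]`, `len` is the number of bytes left after the fixed request header, which is why the header size, not the size of a single change record, has to be subtracted.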
--
cgit v0.10.2