Minix/pkgsrc-ng
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
c847a2cd2db2593d3761235616273c9c19a6a35f
pkgsrc-ng/x11/modular-xorg-server112/patches/patch-Xi_xiselectev.c
Lionel Sambuc f641581404 Import of pkgsrc-2015Q2
2016-01-21 23:41:46 +01:00

34 lines
1.1 KiB
C
Raw Blame History

$NetBSD: patch-Xi_xiselectev.c,v 1.1 2015/04/03 09:46:18 tnn Exp $
X.Org Security Advisory: Dec. 9, 2014
Protocol handling issues in X Window System servers
--- Xi/xiselectev.c.orig 2012-05-17 17:09:01.000000000 +0000
+++ Xi/xiselectev.c
@@ -63,6 +63,7 @@ int
SProcXISelectEvents(ClientPtr client)
{
int i;
+ int len;
xXIEventMask *evmask;
REQUEST(xXISelectEventsReq);
@@ -71,10 +72,17 @@ SProcXISelectEvents(ClientPtr client)
swapl(&stuff->win);
swaps(&stuff->num_masks);
+ len = stuff->length - bytes_to_int32(sizeof(xXISelectEventsReq));
evmask = (xXIEventMask *) &stuff[1];
for (i = 0; i < stuff->num_masks; i++) {
+ if (len < bytes_to_int32(sizeof(xXIEventMask)))
+ return BadLength;
+ len -= bytes_to_int32(sizeof(xXIEventMask));
swaps(&evmask->deviceid);
swaps(&evmask->mask_len);
+ if (len < evmask->mask_len)
+ return BadLength;
+ len -= evmask->mask_len;
evmask =
(xXIEventMask *) (((char *) &evmask[1]) + evmask->mask_len * 4);
}
Reference in New Issue View Git Blame Copy Permalink