Contents of /trunk/xorg-server/patches/xorg-server-1.4.0.90-CVE-2007-5760.patch
Parent Directory
| 
Revision Log
Revision 486 -
(show annotations)
(download)
Wed Feb 13 00:09:39 2008 UTC (16 years, 3 months ago) by niro
File size: 980 byte(s)
Wed Feb 13 00:09:39 2008 UTC (16 years, 3 months ago) by niro
File size: 980 byte(s)
-added several security fixes, a fix for compiz and openoffice
| 1 | From 59a3b83922c810316a374a19484b24901c7437ae Mon Sep 17 00:00:00 2001 |
| 2 | From: Matthieu Herrb <matthieu@bluenote.herrb.com> |
| 3 | Date: Thu, 17 Jan 2008 15:26:41 +0100 |
| 4 | Subject: [PATCH] Fix for CVE-2007-5760 - XFree86 Misc extension out of bounds array index |
| 5 | |
| 6 | --- |
| 7 | hw/xfree86/common/xf86MiscExt.c | 4 ++++ |
| 8 | 1 files changed, 4 insertions(+), 0 deletions(-) |
| 9 | |
| 10 | diff --git a/hw/xfree86/common/xf86MiscExt.c b/hw/xfree86/common/xf86MiscExt.c |
| 11 | index c1b9c60..40c196a 100644 |
| 12 | --- a/hw/xfree86/common/xf86MiscExt.c |
| 13 | +++ b/hw/xfree86/common/xf86MiscExt.c |
| 14 | @@ -548,6 +548,10 @@ MiscExtPassMessage(int scrnIndex, const char *msgtype, const char *msgval, |
| 15 | { |
| 16 | ScrnInfoPtr pScr = xf86Screens[scrnIndex]; |
| 17 | |
| 18 | + /* should check this in the protocol, but xf86NumScreens isn't exported */ |
| 19 | + if (scrnIndex >= xf86NumScreens) |
| 20 | + return BadValue; |
| 21 | + |
| 22 | if (*pScr->HandleMessage == NULL) |
| 23 | return BadImplementation; |
| 24 | return (*pScr->HandleMessage)(scrnIndex, msgtype, msgval, retstr); |
| 25 | -- |
| 26 | 1.5.3.5 |
| 27 |