Annotation of /trunk/xorg-server/patches/xorg-server-1.4.0.90-CVE-2007-6428.patch
Parent Directory | Revision Log
Revision 486 -
(hide annotations)
(download)
Wed Feb 13 00:09:39 2008 UTC (16 years, 7 months ago) by niro
File size: 747 byte(s)
Wed Feb 13 00:09:39 2008 UTC (16 years, 7 months ago) by niro
File size: 747 byte(s)
-added several security fixes, a fix for compiz and openoffice
1 | niro | 486 | From 4848d49d05a318559afe7a17a19ba055947ee1f5 Mon Sep 17 00:00:00 2001 |
2 | From: Matthieu Herrb <matthieu@bluenote.herrb.com> | ||
3 | Date: Thu, 17 Jan 2008 15:28:03 +0100 | ||
4 | Subject: [PATCH] Fix for CVE-2007-6428 - TOG-cup extension memory corruption. | ||
5 | |||
6 | --- | ||
7 | Xext/cup.c | 3 +++ | ||
8 | 1 files changed, 3 insertions(+), 0 deletions(-) | ||
9 | |||
10 | diff --git a/Xext/cup.c b/Xext/cup.c | ||
11 | index 6bfa278..781b9ce 100644 | ||
12 | --- a/Xext/cup.c | ||
13 | +++ b/Xext/cup.c | ||
14 | @@ -196,6 +196,9 @@ int ProcGetReservedColormapEntries( | ||
15 | |||
16 | REQUEST_SIZE_MATCH (xXcupGetReservedColormapEntriesReq); | ||
17 | |||
18 | + if (stuff->screen >= screenInfo.numScreens) | ||
19 | + return BadValue; | ||
20 | + | ||
21 | #ifndef HAVE_SPECIAL_DESKTOP_COLORS | ||
22 | citems[CUP_BLACK_PIXEL].pixel = | ||
23 | screenInfo.screens[stuff->screen]->blackPixel; | ||
24 | -- | ||
25 | 1.5.3.5 | ||
26 |