libXfont: Changes to 'master'

Alan Coopersmith alanc at kemper.freedesktop.org
Tue Jan 7 08:23:07 PST 2014


 configure.ac         |    2 +-
 src/bitmap/bdfread.c |   16 ++++++++++++----
 2 files changed, 13 insertions(+), 5 deletions(-)

New commits:
commit 30110063857ff9a5f93f6d8d13f535c9b6e59e2a
Author: Alan Coopersmith <alan.coopersmith at oracle.com>
Date:   Tue Jan 7 08:22:31 2014 -0800

    libXfont 1.4.7
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>

commit 2a84680376bafd74609c6ef3e38befcb8467d814
Author: Alan Coopersmith <alan.coopersmith at oracle.com>
Date:   Mon Dec 23 19:01:11 2013 -0800

    Limit additional sscanf strings to fit buffer sizes
    
    None of these could currently result in buffer overflow, as the input
    and output buffers were the same size, but adding limits helps ensure
    we keep it that way, if we ever resize any of these in the future.
    
    Fixes cppcheck warnings:
     [lib/libXfont/src/bitmap/bdfread.c:547]: (warning)
      scanf without field width limits can crash with huge input data.
     [lib/libXfont/src/bitmap/bdfread.c:553]: (warning)
      scanf without field width limits can crash with huge input data.
     [lib/libXfont/src/bitmap/bdfread.c:636]: (warning)
      scanf without field width limits can crash with huge input data.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
    Reviewed-by: Matthieu Herrb <matthieu at herrb.eu>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>

commit 4d024ac10f964f6bd372ae0dd14f02772a6e5f63
Author: Alan Coopersmith <alan.coopersmith at oracle.com>
Date:   Mon Dec 23 18:34:02 2013 -0800

    CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters()
    
    Fixes cppcheck warning:
     [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
      scanf without field width limits can crash with huge input data.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
    Reviewed-by: Matthieu Herrb <matthieu at herrb.eu>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu at apple.com>
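
The field-width limit these commit messages describe, shown as an added C example that is not libXfont's code. The helper name parse_startchar(), the NAME_MAX_LEN size, the return codes and the sample lines are assumptions made for illustration; STARTCHAR is the BDF keyword that opens a glyph record.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 99          /* assumed limit; buffers hold NAME_MAX_LEN + 1 bytes */
#define STR_(x) #x
#define STR(x) STR_(x)           /* turns 99 into "99" so the width tracks the buffer */

/* The pattern cppcheck warns about is a bare "%s": it copies every
 * non-whitespace byte of the input, whatever the destination size.
 *
 * parse_startchar() is a hypothetical helper (not a libXfont function).
 * Returns 0 on success, -1 if the line is not a STARTCHAR record,
 * -2 if the name did not fit and was cut off by the field width. */
int parse_startchar(const char *line, char name[NAME_MAX_LEN + 1])
{
    int consumed = 0;

    /* "%99s" stores at most 99 bytes plus the terminating NUL;
     * "%n" records how much of the line was consumed. */
    if (sscanf(line, "STARTCHAR %" STR(NAME_MAX_LEN) "s%n", name, &consumed) != 1)
        return -1;

    /* A bounded read truncates silently, so check that the token really
     * ended where sscanf stopped instead of accepting a partial name. */
    if (line[consumed] != '\0' && !isspace((unsigned char)line[consumed]))
        return -2;
    return 0;
}

int main(void)
{
    char name[NAME_MAX_LEN + 1];
    char hostile[512];           /* constructed input: 501-byte glyph name */

    memset(hostile, 'A', sizeof hostile - 1);
    memcpy(hostile, "STARTCHAR ", 10);
    hostile[sizeof hostile - 1] = '\0';

    printf("%d\n", parse_startchar("STARTCHAR U+0041", name));  /* constructed line */
    printf("%d\n", parse_startchar(hostile, name));
    return 0;
}
```

Deriving the width from the same macro that sizes the buffer keeps the two in step if the buffer is ever resized, which is the concern the second commit message raises.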
