libXxf86vm: Changes to 'master'
Alan Coopersmith
alanc at kemper.freedesktop.org
Fri Jan 9 22:02:03 PST 2015
src/XF86VMode.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
New commits:
commit 723f4a1430dad0d495e3c83c7c95edb94e9f4304
Author: Alan Coopersmith <alan.coopersmith at oracle.com>
Date: Mon Jan 5 22:52:39 2015 -0800
Discard correct length for old-format replies in XF86VidModeGetGamma
Regression introduced in libXxf86vm 1.1.3 / commit 284a88e21fc05a63466
Unlikely to be hit in practice since it requires out-of-range privsize
or malloc failure while talking to a server using the XFree86 3.x version
of the protocol.
Found by Oracle Parfait 1.5.1:
Error: Uninitialised memory (CWE 456)
Possible access to uninitialised memory '&rep.length'
at line 279 of open-src/lib/libXxf86vm/unpacked-src/src/XF86VMode.c in function 'XF86VidModeGetModeLine'.
&rep.length allocated at line 218.
&rep.length uninitialised when majorVersion < 2 at line 233.
Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
Reviewed-by: Matthieu Herrb <matthieu at herrb.eu>
More information about the xorg-commit
mailing list