libXtst: Changes to 'master'
Matthieu Herrb
herrb at kemper.freedesktop.org
Tue Oct 4 13:55:15 UTC 2016
src/XRecord.c | 43 +++++++++++++++++++++++++++++++++++++++----
1 file changed, 39 insertions(+), 4 deletions(-)
New commits:
commit 9556ad67af3129ec4a7a4f4b54a0d59701beeae3
Author: Tobias Stoeckmann <tobias at stoeckmann.org>
Date: Sun Sep 25 21:37:01 2016 +0200
Out of boundary access and endless loop in libXtst
A lack of range checks in libXtst allows out of boundary accesses.
The checks have to be done in-place here, because it cannot be done
without in-depth knowledge of the read data.
If XRecordStartOfData, XRecordEndOfData, or XRecordClientDied
without a client sequence have attached data, an endless loop would
occur. The do-while-loop continues until the current index reaches
the end. But in these cases, the current index would not be
incremented, leading to an endless processing.
Signed-off-by: Tobias Stoeckmann <tobias at stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu at herrb.eu>
More information about the xorg-commit
mailing list