xserver: Branch 'server-1.20-branch'
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Tue Aug 18 04:32:01 UTC 2020
dix/pixmap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 4979ac8f0be6fa2c4a1edd8a527f7d2134d8586a
Author: Matthieu Herrb <matthieu at herrb.eu>
Date: Sat Jul 25 19:33:50 2020 +0200
fix for ZDI-11426
Avoid leaking un-initalized memory to clients by zeroing the
whole pixmap on initial allocation.
This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
Signed-off-by: Matthieu Herrb <matthieu at herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith at oracle.com>
(cherry picked from commit a6b2cbe91793ae4967cd21a7103d889248029553)
diff --git a/dix/pixmap.c b/dix/pixmap.c
index 6923e7e7b..061bd421d 100644
--- a/dix/pixmap.c
+++ b/dix/pixmap.c
@@ -117,7 +117,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
return NullPixmap;
- pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
+ pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
if (!pPixmap)
return NullPixmap;
More information about the xorg-commit
mailing list