xauth: Changes to 'master'
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Sun May 10 18:05:51 UTC 2020
process.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
New commits:
commit f5af3b21bc94cb020f3530c3cc70f8a9fd6c6452
Author: Tobias Stoeckmann <tobias at stoeckmann.org>
Date: Sun May 3 12:29:53 2020 +0200
Prevent OOB write with long file names.
If an -f argument is exactly 1022 characters in size, an off-by-one
stack overflow happens in auth_finalize. The overflow could be even
larger if locks are ignored for authentication files.
Make sure that a given authentication file name fits into temporary
buffer and that this buffer matches buffer sizes of libXau which is
used by xauth.
More information about the xorg-commit
mailing list