[PATCH] xkbcomp: Stop possible overflow in yyGetnumber. #31647
Alistair Leslie-Hughes
leslie_alistair at hotmail.com
Fri Apr 1 02:26:30 PDT 2011
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=31647
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair at hotmail.com>
---
xkbscan.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/xkbscan.c b/xkbscan.c
index 03193e2..6959639 100644
--- a/xkbscan.c
+++ b/xkbscan.c
@@ -613,7 +613,8 @@ yyGetNumber(int ch)
buf[0] = ch;
nInBuf = 1;
while (((ch = scanchar()) != EOF)
- && (isxdigit(ch) || ((nInBuf == 1) && (ch == 'x'))))
+ && (isxdigit(ch) || ((nInBuf == 1) && (ch == 'x')))
+ && nInBuf < 1024)
{
buf[nInBuf++] = ch;
}
@@ -621,7 +622,8 @@ yyGetNumber(int ch)
{
isFloat = 1;
buf[nInBuf++] = ch;
- while (((ch = scanchar()) != EOF) && (isxdigit(ch)))
+ while (((ch = scanchar()) != EOF) && (isxdigit(ch))
+ && nInBuf < 1024)
{
buf[nInBuf++] = ch;
}
--
1.7.1
--------------080704040700090004080905--
More information about the xorg-devel
mailing list