CVE-2014-0211: integer overflow in fs_read_extent_info() - xorg/lib/libXfont - X font handling library for server & utilities (mirrored from https://gitlab.freedesktop.org/xorg/lib/libxfont)

diff options

author	Alan Coopersmith <alan.coopersmith@oracle.com>	2014-04-25 23:02:42 -0700
committer	Alan Coopersmith <alan.coopersmith@oracle.com>	2014-05-12 23:31:56 -0700
commit	c578408c1fd4db09e4e3173f8a9e65c81cc187c1 (patch)
tree	1a999d99d2dc8ec3fc7dc415fec19848b98327a2 /Makefile.am
parent	491291cabf78efdeec8f18b09e14726a9030cc8f (diff)

CVE-2014-0211: integer overflow in fs_read_extent_info()

fs_read_extent_info() parses a reply from the font server. The reply contains a 32bit number of elements field which is used to calculate a buffer length. There is an integer overflow in this calculation which can lead to memory corruption. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Adam Jackson <ajax@redhat.com> Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>

Diffstat (limited to 'Makefile.am')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: