summaryrefslogtreecommitdiff
path: root/xfont.pc.in
diff options
context:
space:
mode:
authorAlan Coopersmith <alan.coopersmith@oracle.com>2014-04-25 23:03:24 -0700
committerAlan Coopersmith <alan.coopersmith@oracle.com>2014-05-12 23:32:15 -0700
commit520683652564c2a4e42328ae23eef9bb63271565 (patch)
tree33d3d64a01403e47eddab17321e76b7cfaa794e7 /xfont.pc.in
parenta3f21421537620fc4e1f844a594a4bcd9f7e2bd8 (diff)
CVE-2014-0210: unvalidated length fields in fs_read_glyphs()
fs_read_glyphs() parses a reply from the font server. The reply contains embedded length fields, none of which are validated. This can cause out of bound reads when looping over the glyph bitmaps in the reply. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Adam Jackson <ajax@redhat.com> Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
Diffstat (limited to 'xfont.pc.in')
0 files changed, 0 insertions, 0 deletions