nx-X11 · 94c6de0649cd295044b1e4ff7265949c9c787519 · dimbor / nx-libs

CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from… · 94c6de06

authored Feb 08, 2015

CVE-2014-0210: unvalidated length in _fs_recv_conn_setup() from xorg/lib/libXfont commit 891e084b26837162b12f841060086a105edde86d

The connection setup reply from the font server can include a list
of alternate servers to contact if this font server stops working.

The reply specifies a total size of all the font server names, and
then provides a list of names. _fs_recv_conn_setup() allocated the
specified total size for copying the names to, but didn't check to
make sure it wasn't copying more data to that buffer than the size
it had allocated.

94c6de06

Name	Last commit	Last update
..
config		Loading commit data...
extras		Loading commit data...
include		Loading commit data...
lib		Loading commit data...
programs		Loading commit data...
BUILD		Loading commit data...
CHANGELOG		Loading commit data...
COPYING		Loading commit data...
ChangeLog.X.org		Loading commit data...
Imakefile		Loading commit data...
LABEL		Loading commit data...
LICENSE		Loading commit data...
Makefile		Loading commit data...
README		Loading commit data...
README.crypto		Loading commit data...
RELNOTES		Loading commit data...
registry		Loading commit data...
xf86Date.h		Loading commit data...

README