Files · b65259bf3bcca15b5069cb7a6c06f95a40f79813 · dimbor / nx-libs

CVE-2014-0210: unvalidated length fields in fs_read_list_info() from… · b65259bf

authored Feb 08, 2015

CVE-2014-0210: unvalidated length fields in fs_read_list_info() from xorg/lib/libXfont commit d338f81df1e188eb16e1d6aeea7f4800f89c1218

fs_read_list_info() parses a reply from the font server. The reply
contains a number of additional data items with embedded length or
count fields, none of which are validated. This can cause out of
bound reads when looping over these items in the reply.

b65259bf

Name	Last commit	Last update
bin		Loading commit data...
debian		Loading commit data...
doc/nx-X11_vs_XOrg69_patches		Loading commit data...
etc		Loading commit data...
nx-X11		Loading commit data...
nxcomp		Loading commit data...
nxcompext		Loading commit data...
nxcompshad		Loading commit data...
nxproxy		Loading commit data...
COPYING		Loading commit data...
ChangeLog		Loading commit data...
Makefile		Loading commit data...
README.NX-development		Loading commit data...
README.keystrokes		Loading commit data...
VERSION		Loading commit data...
VERSION.x2goagent		Loading commit data...
nx-libs.spec		Loading commit data...
replace.sh		Loading commit data...