-
Mike DePaulo authored
CVE-2014-0210: unvalidated length fields in fs_read_query_info() from xorg/lib/libXfont commit 491291cabf78efdeec8f18b09e14726a9030cc8f fs_read_query_info() parses a reply from the font server. The reply contains embedded length fields, none of which are validated. This can cause out of bound reads in either fs_read_query_info() or in _fs_convert_props() which it calls to parse the fsPropInfo in the reply.
c6aebf92
| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| Imakefile | ||
| fsconvert.c | ||
| fserve.c | ||
| fserve.h | ||
| fservestr.h | ||
| fsio.c | ||
| fsio.h | ||
| fsio.h.NX.reference | ||
| fsio.h.XF86.reference | ||
| fslibos.h |