nx-X11 · ece51493f1d970f45e53588e33a700464a42fbab · dimbor / nx-libs

CVE-2014-0210: unvalidated length fields in fs_read_glyphs() from… · ece51493

authored Feb 08, 2015

CVE-2014-0210: unvalidated length fields in fs_read_glyphs() from xorg/lib/libXfont commit 520683652564c2a4e42328ae23eef9bb63271565

fs_read_glyphs() parses a reply from the font server. The reply
contains embedded length fields, none of which are validated.
This can cause out of bound reads when looping over the glyph
bitmaps in the reply.

ece51493

Name	Last commit	Last update
..
config		Loading commit data...
extras		Loading commit data...
include		Loading commit data...
lib		Loading commit data...
programs		Loading commit data...
BUILD		Loading commit data...
CHANGELOG		Loading commit data...
COPYING		Loading commit data...
ChangeLog.X.org		Loading commit data...
Imakefile		Loading commit data...
LABEL		Loading commit data...
LICENSE		Loading commit data...
Makefile		Loading commit data...
README		Loading commit data...
README.crypto		Loading commit data...
RELNOTES		Loading commit data...
registry		Loading commit data...
xf86Date.h		Loading commit data...

README