Mercurial Mercurial > upstream > oracle > x-cons > x-s11-update-clone / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
6636174 *Xorg* [X.Org Bug 13524] XFree86-MISC Extension Invalid Array Index Vulnerability
authorAlan Coopersmith <Alan.Coopersmith@Sun.COM>
Fri, 14 Dec 2007 16:23:01 -0800
changeset 271 7aa9fcbae6a6
parent 270 91366a655ad4
child 272 d068fb17319b
6636174 *Xorg* [X.Org Bug 13524] XFree86-MISC Extension Invalid Array Index Vulnerability
open-src/xserver/xorg/6636174.patch file | annotate | diff | comparison | revisions
open-src/xserver/xorg/patch-list file | annotate | diff | comparison | revisions 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/open-src/xserver/xorg/6636174.patch	Fri Dec 14 16:23:01 2007 -0800
@@ -0,0 +1,13 @@
+--- xorg-server-1.3.0.0/hw/xfree86/common/xf86MiscExt.c	2006-11-16 10:01:24.000000000 -0800
++++ xorg-server-1.3.0.0/hw/xfree86/common/xf86MiscExt.c	2007-12-13 18:32:08.476098000 -0800
+@@ -640,6 +640,10 @@
+ 
+     DEBUG_P("MiscExtPassMessage");
+ 
++    /* should check this in the protocol, but xf86NumScreens isn't exported */
++    if (scrnIndex >= xf86NumScreens)
++	return BadValue;
++
+     if (*pScr->HandleMessage == NULL)
+ 	    return BadImplementation;
+     return (*pScr->HandleMessage)(scrnIndex, msgtype, msgval, retstr);
--- a/open-src/xserver/xorg/patch-list	Thu Dec 13 13:57:35 2007 -0800
+++ b/open-src/xserver/xorg/patch-list	Fri Dec 14 16:23:01 2007 -0800
@@ -49,3 +49,4 @@
 6278039.patch
 xv-swap.patch
 6635727.patch,-p1
+6636174.patch,-p1
upstream/oracle/x-cons/x-s11-update-clone