Commit | Line | Data |
---|---|---|
7217e0ca ML |
1 | From 5fdc679e24abb348014164bf53b82a884a5b380d Mon Sep 17 00:00:00 2001 |
2 | From: Alan Coopersmith <alan.coopersmith@oracle.com> | |
3 | Date: Sun, 26 Jan 2014 17:18:54 -0800 | |
4 | Subject: [PATCH 09/33] xcmisc: unvalidated length in SProcXCMiscGetXIDList() | |
5 | [CVE-2014-8096] | |
6 | ||
7 | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> | |
8 | Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> | |
9 | --- | |
10 | Xext/xcmisc.c | 1 + | |
11 | 1 file changed, 1 insertion(+) | |
12 | ||
13 | diff --git a/Xext/xcmisc.c b/Xext/xcmisc.c | |
14 | index 034bfb6..1e91010 100644 | |
15 | --- a/Xext/xcmisc.c | |
16 | +++ b/Xext/xcmisc.c | |
17 | @@ -167,6 +167,7 @@ static int | |
18 | SProcXCMiscGetXIDList(ClientPtr client) | |
19 | { | |
20 | REQUEST(xXCMiscGetXIDListReq); | |
21 | + REQUEST_SIZE_MATCH(xXCMiscGetXIDListReq); | |
22 | ||
23 | swaps(&stuff->length); | |
24 | swapl(&stuff->count); | |
25 | -- | |
26 | 1.7.9.2 | |
27 |