OpenBSD / xenocara / qpoMMGz / MFC: Unvalidated lengths

OpenBSD/xenocara qpoMMGz — xserver/Xext xres.c xvdisp.c, xserver/hw/dmx dmxpict.c

2017-10-14 09:20:42 UTC by matthieu on ⎇

HEAD

🏷

OPENBSD_6_8_BASE
OPENBSD_6_7_BASE
OPENBSD_6_6_BASE
OPENBSD_6_5_BASE
OPENBSD_6_4_BASE
OPENBSD_6_3_BASE

   MFC: Unvalidated lengths

   v2: Add overflow check and remove unnecessary check (Julien Cristau)

   This addresses:
   CVE-2017-12184 in XINERAMA
   CVE-2017-12185 in MIT-SCREEN-SAVER
   CVE-2017-12186 in X-Resource
   CVE-2017-12187 in RENDER

Version	Delta		File
1.11	+3	-1	xserver/Xext/xres.c
1.14	+3	-1	xserver/Xext/xvdisp.c
1.4	+2	-1	xserver/pseudoramiX/pseudoramiX.c
1.21	+3	-0	xserver/render/render.c
1.13	+2	-1	xserver/Xext/panoramiX.c
1.17	+2	-0	xserver/Xext/saver.c
1.12	+2	-0	xserver/hw/dmx/dmxpict.c
	+17	-4	7 files

Unified Split Raw