[X2Go-Dev] [X2Go-Commits] [nx-libs] 13/52: LZW decompress: fix for CVE-2011-2895 From xorg/lib/Xfont commit d11ee5886e9d9ec610051a206b135a4cdc1e09a0
Mihai Moldovan
ionic at ionic.de
Sun Feb 15 21:21:25 CET 2015
On 15.02.2015 09:15 PM, Michael DePaulo wrote:
> On Sun, Feb 15, 2015 at 3:01 PM, Michael DePaulo <mikedep333 at gmail.com> wrote:
>> On Sun, Feb 15, 2015 at 2:11 PM, Mihai Moldovan <ionic at ionic.de> wrote:
>>> On 14.02.2015 05:47 PM, git-admin at x2go.org wrote:
>>>> [...]
>>>> diff --git a/nx-X11/lib/font/fontfile/decompress.c b/nx-X11/lib/font/fontfile/decompress.c
>>>> index a4c5468..553b315 100644
>>>> --- a/nx-X11/lib/font/fontfile/decompress.c
>>>> +++ b/nx-X11/lib/font/fontfile/decompress.c
>>>> @@ -261,6 +261,8 @@ BufCompressedFill (BufFilePtr f)
>>>> */
>>>> while ( code >= 256 )
>>>> {
>>>> + if (stackp - de_stack >= STACK_SIZE - 1)
>>>> + return BUFFILEEOF;
>>> Personally, I would have written that as
>>> if ((stackp - de_stack) >= (STACK_SIZE - 1))
>>>
>>> But that's my personal style and I like to over-parenthesis.
>> Both the upstream commit and the RHEL5 patch have it written this way,
>> but I agree that your style is better.
>>
>> http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
>>
>> ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/libXfont-1.2.2-1.0.6.el5_11.src.rpm
>> (cve-2011-2895.patch)
I know. I merely pointed that out (and have taken a look at the upstream
patch beforehand.)
> On a related note, upstream has this follow-up commit:
> http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=bd48ad11fd11412c62c3ac8ed5d52c4f10a985aa
>
> It was not backported to RHEL5 though.
We should probably backport it, though. Looks like an improvement
(fixing the issue more deeply.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20150215/11e1a480/attachment.pgp>
More information about the x2go-dev
mailing list