[X2Go-Commits] [nx-libs] 13/52: LZW decompress: fix for CVE-2011-2895 From xorg/lib/Xfont commit d11ee5886e9d9ec610051a206b135a4cdc1e09a0
git-admin at x2go.org
Sat Feb 14 17:47:06 CET 2015
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch 3.6.x
in repository nx-libs.
commit af55da1e9c1a6a352b24823a8f7062c288ffbbc0
Author: Mike DePaulo <mikedep333 at gmail.com>
Date: Sun Feb 8 19:15:20 2015 -0500
LZW decompress: fix for CVE-2011-2895 From xorg/lib/Xfont commit d11ee5886e9d9ec610051a206b135a4cdc1e09a0
A specially crafted LZW stream can crash an application using libXfont
that is used to open untrusted font files. With the X server, this may
allow privilege escalation when exploited.
---
nx-X11/lib/font/fontfile/decompress.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/nx-X11/lib/font/fontfile/decompress.c b/nx-X11/lib/font/fontfile/decompress.c
index a4c5468..553b315 100644
--- a/nx-X11/lib/font/fontfile/decompress.c
+++ b/nx-X11/lib/font/fontfile/decompress.c
@@ -261,6 +261,8 @@ BufCompressedFill (BufFilePtr f)
*/
while ( code >= 256 )
{
+ if (stackp - de_stack >= STACK_SIZE - 1)
+ return BUFFILEEOF;
*stackp++ = file->tab_suffix[code];
code = file->tab_prefix[code];
}
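Review bot: The new bound inside the while ( code >= 256 ) loop has no comment explaining why the limit is STACK_SIZE - 1 rather than STACK_SIZE; a one-line comment naming the extra push that the reserved slot is for would let a reader verify the off-by-one intent. Returning BUFFILEEOF here also makes a corrupt stream look like a normal end of file to the caller, so please confirm that callers treat a short read of a font as an error. Finally, this check guards only the write through stackp; it is worth confirming that code is range-checked elsewhere before it indexes file->tab_suffix[code] and file->tab_prefix[code], since nothing in this hunk bounds it.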
--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/nx-libs.git