[X2Go-Commits] [vcxsrv] 02/05: Fix CVE-2013-4396 (2013-10-08). The fix is included in upstream xserver 1.14.4 .
git-admin at x2go.org
git-admin at x2go.org
Mon Mar 9 05:12:03 CET 2015
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to tag 1.14.3.1
in repository vcxsrv.
commit 0ab0f870694adbca389833d62e4514b92c13e8bc
Author: Mike DePaulo <mikedep333 at gmail.com>
Date: Sat Apr 5 11:56:01 2014 -0400
Fix CVE-2013-4396 (2013-10-08). The fix is included in upstream xserver 1.14.4 .
---
xorg-server/dix/dixfonts.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/xorg-server/dix/dixfonts.c b/xorg-server/dix/dixfonts.c
index 22c2365..dd77008 100644
--- a/xorg-server/dix/dixfonts.c
+++ b/xorg-server/dix/dixfonts.c
@@ -1459,6 +1459,7 @@ doImageText(ClientPtr client, ITclosurePtr c)
GC *pGC;
unsigned char *data;
ITclosurePtr new_closure;
+ ITclosurePtr old_closure;
/* We're putting the client to sleep. We need to
save some state. Similar problem to that handled
@@ -1470,12 +1471,14 @@ doImageText(ClientPtr client, ITclosurePtr c)
err = BadAlloc;
goto bail;
}
+ old_closure = c;
*new_closure = *c;
c = new_closure;
data = malloc(c->nChars * itemSize);
if (!data) {
free(c);
+ c = old_closure;
err = BadAlloc;
goto bail;
}
@@ -1486,6 +1489,7 @@ doImageText(ClientPtr client, ITclosurePtr c)
if (!pGC) {
free(c->data);
free(c);
+ c = old_closure;
err = BadAlloc;
goto bail;
}
@@ -1498,6 +1502,7 @@ doImageText(ClientPtr client, ITclosurePtr c)
FreeScratchGC(pGC);
free(c->data);
free(c);
+ c = old_closure;
err = BadAlloc;
goto bail;
}
--
Alioth's /srv/git/code.x2go.org/vcxsrv.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/vcxsrv.git
More information about the x2go-commits
mailing list