Hi, I've found some bugs in directfb source tree:
* CWE-192: Integer Coercion Error 'rect->w' is not explicitly unsigned. => http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1735 => http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1759 * CWE-787: Out-of-bounds Write 'count' can exceed 'dst' buffer size. => http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1676 => http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1626 And 'Dispatch_Read' function may also be worth a look... Regards, Frederic
signature.asc
Description: OpenPGP digital signature
_______________________________________________ directfb-dev mailing list directfb-dev@directfb.org http://mail.directfb.org/cgi-bin/mailman/listinfo/directfb-dev