Hello list, I am sending you proposed patches for fixing these two security bugs. Could you please review them?
Thanks! Petr
Index: proxy/dispatcher/idirectfbsurface_dispatcher.c =================================================================== --- proxy/dispatcher/idirectfbsurface_dispatcher.c.orig 2014-03-22 21:05:18.000000000 +0100 +++ proxy/dispatcher/idirectfbsurface_dispatcher.c 2015-03-23 13:07:30.840507533 +0100 @@ -1729,6 +1729,9 @@ VOODOO_PARSER_GET_INT( parser, pitch ); VOODOO_PARSER_END( parser ); + /* CVE-2014-2977 */ + DFB_RECTANGLE_ASSERT_IF( rect ); + if (encoded) { switch (encoded) { case 2: {
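Review bot: `DFB_RECTANGLE_ASSERT_IF( rect )`, added right after `VOODOO_PARSER_END( parser )`, uses an assertion where the fix needs input validation. The check sits directly behind the parser block, so `rect` presumably arrives with the request just like `pitch`. If the macro follows the usual assert pattern it is compiled out in non-debug builds, taking the fix with it, and where it is active it stops the process instead of rejecting the request. An explicit test of the rectangle that returns an error from the dispatcher would hold in every build. `pitch`, read by `VOODOO_PARSER_GET_INT( parser, pitch )` just above, goes into the `if (encoded)` path with no check visible in these lines and likely needs the same treatment. The comment would also help more if it said what is being validated, not only the CVE number.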
Index: proxy/dispatcher/idirectfbsurface_dispatcher.c =================================================================== --- proxy/dispatcher/idirectfbsurface_dispatcher.c.orig 2014-03-22 21:05:18.000000000 +0100 +++ proxy/dispatcher/idirectfbsurface_dispatcher.c 2015-03-23 15:03:28.650053384 +0100 @@ -1629,6 +1629,11 @@ dst[out++] = RLE16_KEY; } else { + /* CVE-2014-2978 */ + if (count > num - out ) { + break; + } + last = src[n++]; while (count >= 4) { @@ -1679,6 +1684,11 @@ dst[out++] = RLE32_KEY; } else { + /* CVE-2014-2978 */ + if (count > num - out ) { + break; + } + last = src[n++]; while (count >= 4) {
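Review bot: In the hunk at -1629, the new `if (count > num - out )` guard protects only the `else` branch, while `dst[out++] = RLE16_KEY;` in the branch just above still writes to `dst` with no bound check visible in this context. If `out` can already have reached or passed `num` at this point, `num - out` is zero or negative (or wraps to a large value with unsigned types), so a test such as `out >= num || count > num - out` would be safer. The `break` also ends decoding silently, so the caller cannot tell a truncated image from a complete one; consider reporting an error for a run that does not fit.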
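Review bot: The guard in the hunk at -1679 is a verbatim copy of the RLE16 one, including the stray space in `num - out )`. A small shared macro or inline helper for the bound test would keep the two decoders from drifting apart when one of them is changed later. The context shown does not say whether `count` and `num - out` are measured in the same units for the 32-bit output, so please state in the comment what each one counts. As in the first hunk, `dst[out++] = RLE32_KEY;` above the `else` is not covered by the new test.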
_______________________________________________ directfb-dev mailing list directfb-dev@directfb.org http://mail.directfb.org/cgi-bin/mailman/listinfo/directfb-dev