CVSROOT: /cvs Module name: xenocara Changes by: matth...@cvs.openbsd.org 2021/05/18 08:15:11
Modified files:
lib/libX11/src : Font.c FontInfo.c FontNames.c GetColor.c
LoadFont.c LookupCol.c ParseCol.c QuExt.c
SetFPath.c SetHints.c StNColor.c StName.c
Log message:
Reject string longer than USHRT_MAX before sending them on the wire
The X protocol uses CARD16 values to represent the length so
this would overflow.
CVE-2021-31535
