CVSROOT: /cvs Module name: xenocara Changes by: matth...@cvs.openbsd.org 2017/10/14 03:03:00
Modified files:
lib/libXfont/src/bitmap: pcfread.c
Log message:
MFC: pcfGetProperties: Check string boundaries (CVE-2017-13722)
Without the checks a malformed PCF file can cause the library to make
atom from random heap memory that was behind the `strings` buffer.
This may crash the process or leak information.
