On Sun, Feb 15, 2015 at 2:11 PM, Mihai Moldovan <[email protected]> wrote: > On 14.02.2015 05:47 PM, [email protected] wrote: >> This is an automated email from the git hooks/post-receive script. >> >> x2go pushed a commit to branch 3.6.x >> in repository nx-libs. >> >> commit af55da1e9c1a6a352b24823a8f7062c288ffbbc0 >> Author: Mike DePaulo <[email protected]> >> Date: Sun Feb 8 19:15:20 2015 -0500 >> >> LZW decompress: fix for CVE-2011-2895 From xorg/lib/Xfont commit >> d11ee5886e9d9ec610051a206b135a4cdc1e09a0 >> >> Specially crafted LZW stream can crash an application using libXfont >> that is used to open untrusted font files. With X server, this may >> allow privilege escalation when exploited >> --- >> nx-X11/lib/font/fontfile/decompress.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/nx-X11/lib/font/fontfile/decompress.c >> b/nx-X11/lib/font/fontfile/decompress.c >> index a4c5468..553b315 100644 >> --- a/nx-X11/lib/font/fontfile/decompress.c >> +++ b/nx-X11/lib/font/fontfile/decompress.c >> @@ -261,6 +261,8 @@ BufCompressedFill (BufFilePtr f) >> */ >> while ( code >= 256 ) >> { >> + if (stackp - de_stack >= STACK_SIZE - 1) >> + return BUFFILEEOF; > Personally, I would have written that as > if ((stackp - de_stack) >= (STACK_SIZE - 1)) > > But that's my personal style and I like to over-parenthesis. Both the upstream commit and the RHEL5 patch have it written this way, but I agree that your style is better.
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/os/SRPMS/libXfont-1.2.2-1.0.6.el5_11.src.rpm (cve-2011-2895.patch)
_______________________________________________
x2go-dev mailing list
[email protected]
http://lists.x2go.org/listinfo/x2go-dev
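Review bot: The check added inside the "while ( code >= 256 )" loop of BufCompressedFill has no comment saying what it guards against or why the bound is STACK_SIZE - 1 rather than STACK_SIZE. The writes to de_stack are outside the visible context, so a one-line comment at this spot (for example, that a malformed LZW stream must not push past the end of de_stack) would let a reader verify the off-by-one without opening the file. Returning BUFFILEEOF also makes a corrupt stream look like a normal end of file to the caller, which is worth stating in the same comment. The condition is correct as written, since "-" binds tighter than ">=", so the extra parentheses discussed in the reply are purely a style choice.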
