Avoid integer overflow in XListInputDevices() [CVE-2013-1984 8/8]

If the length of the reply as reported by the Xserver is too long, it
could overflow the calculation for the size of the buffer to copy the
reply into, causing memory corruption.

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

0 files changed, 0 insertions, 0 deletions