summaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
authorAlan Coopersmith <alan.coopersmith@oracle.com>2013-04-13 12:18:57 -0700
committerAlan Coopersmith <alan.coopersmith@oracle.com>2013-04-26 16:21:48 -0700
commitf4a8dd63af518640468d82948f450aad4b2b1e6a (patch)
tree2644e1fcda9bfbc784fc750edcfa7582e9c6e633 /man
parent6fa471be7a005bde97bcb5ca5a17662ea8d32587 (diff)
integer overflow in XDGAQueryModes() [CVE-2013-1991 1/2]
number is a CARD32 and needs to be bounds checked before multiplying by sizeof(XDGAmode) to come up with the total size to allocate, to avoid integer overflow leading to underallocation and writing data from the network past the end of the allocated buffer. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Diffstat (limited to 'man')
0 files changed, 0 insertions, 0 deletions