diff options
| author | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2022-11-06 11:33:14 +0000 |
|---|---|---|
| committer | Matthieu Herrb <matthieu@cvs.openbsd.org> | 2022-11-06 11:33:14 +0000 |
| commit | 121b289419e7159580c788a7369b49836b76627e (patch) | |
| tree | 78205d717c66bdf4bf39c6db88dc7bc0c3301b8f /lib/pixman | |
| parent | 24daaaab97d4aa0fe13608d60e29b8da363db18d (diff) | |
CVE 2022-44638 An integer overflow in pixman mat lead to out-of-bounds
write.
Diffstat (limited to 'lib/pixman')
| -rw-r--r-- | lib/pixman/pixman/pixman-trap.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/pixman/pixman/pixman-trap.c b/lib/pixman/pixman/pixman-trap.c index 91766fdbf..7560405ee 100644 --- a/lib/pixman/pixman/pixman-trap.c +++ b/lib/pixman/pixman/pixman-trap.c @@ -74,7 +74,7 @@ pixman_sample_floor_y (pixman_fixed_t y, if (f < Y_FRAC_FIRST (n)) { - if (pixman_fixed_to_int (i) == 0x8000) + if (pixman_fixed_to_int (i) == 0xffff8000) { f = 0; /* saturate */ } |