rpms / xorg-x11-server

Clone
Source Code
GIT

Blame SOURCES/0001-Missing-parens-in-REQUEST_FIXED_SIZE-macro-CVE-2014-.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   0fd9596437a827b198e323235f1033bc5150cae6
  2.   SOURCES
  3.   0001-Missing-parens-in-REQUEST_FIXED_SIZE-macro-CVE-2014-.patch
Blob History Raw
0fd959 
From 9802a0162f738de03585ca3f3b8a8266494f7d45 Mon Sep 17 00:00:00 2001
0fd959 
From: Keith Packard <keithp@keithp.com>
0fd959 
Date: Tue, 9 Dec 2014 09:30:59 -0800
0fd959 
Subject: [PATCH 1/2] Missing parens in REQUEST_FIXED_SIZE macro [CVE-2014-8092
0fd959 
 pt. 5]
0fd959
0fd959 
The 'n' parameter must be surrounded by parens in both places to
0fd959 
prevent precedence from mis-computing things.
0fd959
0fd959 
Signed-off-by: Keith Packard <keithp@keithp.com>
0fd959 
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
0fd959 
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
0fd959 
---
0fd959 
 include/dix.h | 2 +-
0fd959 
 1 file changed, 1 insertion(+), 1 deletion(-)
0fd959
0fd959 
diff --git a/include/dix.h b/include/dix.h
0fd959 
index 21176a8..921156b 100644
0fd959 
--- a/include/dix.h
0fd959 
+++ b/include/dix.h
0fd959 
@@ -80,7 +80,7 @@ SOFTWARE.
0fd959
0fd959 
 #define REQUEST_FIXED_SIZE(req, n)\
0fd959 
     if (((sizeof(req) >> 2) > client->req_len) || \
0fd959 
-        ((n >> 2) >= client->req_len) || \
0fd959 
+        (((n) >> 2) >= client->req_len) ||                              \
0fd959 
         ((((uint64_t) sizeof(req) + (n) + 3) >> 2) != (uint64_t) client->req_len))  \
0fd959 
          return(BadLength)
0fd959
0fd959 
--
0fd959 
2.1.0
0fd959

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation