wayland

mirror of https://gitlab.freedesktop.org/wayland/wayland.git synced 2025-10-29 05:40:16 -04:00

History

Tobias Stoeckmann 5d201df72f cursor: Fix heap overflows when parsing malicious files. It is possible to trigger heap overflows due to an integer overflow while parsing images. The integer overflow occurs because the chosen limit 0x10000 for dimensions is too large for 32 bit systems, because each pixel takes 4 bytes. Properly chosen values allow an overflow which in turn will lead to less allocated memory than needed for subsequent reads. See also: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8 Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=103961 Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> [Pekka: add link to the corresponding libXcursor commit] Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>		2017-11-29 09:45:10 +02:00
..
convert_font.c	cursor: Update printed license from MIT "X11" to MIT "Expat"	2015-06-22 14:50:20 +03:00
cursor-data.h	(multiple): Include stdint.h	2016-07-25 18:39:32 -07:00
cursor.pcf	cursor: add cursor.pcf and extraction program	2012-09-10 21:05:14 -04:00
os-compatibility.c	cursor: Remove "weston" from anonymous shm filenames	2016-11-21 09:58:25 +00:00
os-compatibility.h	cursor: Update boilerplate from MIT X11 license to MIT Expat license	2015-06-12 15:51:38 -07:00
wayland-cursor-uninstalled.pc.in	build: add uninstalled pkg-config files	2012-05-29 10:09:59 -04:00
wayland-cursor.c	(multiple): Include stdint.h	2016-07-25 18:39:32 -07:00
wayland-cursor.h	cursor: Update boilerplate from MIT X11 license to MIT Expat license	2015-06-12 15:51:38 -07:00
wayland-cursor.pc.in	pkgconfig: Use configure provided directories	2012-11-27 20:35:50 -05:00
xcursor.c	cursor: Fix heap overflows when parsing malicious files.	2017-11-29 09:45:10 +02:00
xcursor.h	xcursor: Change keithp licensed code from X11 to Expat license	2015-06-12 15:51:38 -07:00