diff options
Diffstat (limited to 'x11-servers/xorg-server/files/patch-CVE-2017-12176')
-rw-r--r-- | x11-servers/xorg-server/files/patch-CVE-2017-12176 | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/x11-servers/xorg-server/files/patch-CVE-2017-12176 b/x11-servers/xorg-server/files/patch-CVE-2017-12176 deleted file mode 100644 index c5c6fb85c136..000000000000 --- a/x11-servers/xorg-server/files/patch-CVE-2017-12176 +++ /dev/null @@ -1,31 +0,0 @@ -From 95f605b42d8bbb6bea2834a1abfc205981c5b803 Mon Sep 17 00:00:00 2001 -From: Nathan Kidd <nkidd@opentext.com> -Date: Fri, 9 Jan 2015 10:15:46 -0500 -Subject: Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) - -Reviewed-by: Julien Cristau <jcristau@debian.org> -Signed-off-by: Nathan Kidd <nkidd@opentext.com> -Signed-off-by: Julien Cristau <jcristau@debian.org> -(cherry picked from commit b747da5e25be944337a9cd1415506fc06b70aa81) - -diff --git a/dix/dispatch.c b/dix/dispatch.c -index 0da431b..0fdfe11 100644 ---- dix/dispatch.c -+++ dix/dispatch.c -@@ -3703,7 +3703,12 @@ ProcEstablishConnection(ClientPtr client) - prefix = (xConnClientPrefix *) ((char *) stuff + sz_xReq); - auth_proto = (char *) prefix + sz_xConnClientPrefix; - auth_string = auth_proto + pad_to_int32(prefix->nbytesAuthProto); -- if ((prefix->majorVersion != X_PROTOCOL) || -+ -+ if ((client->req_len << 2) != sz_xReq + sz_xConnClientPrefix + -+ pad_to_int32(prefix->nbytesAuthProto) + -+ pad_to_int32(prefix->nbytesAuthString)) -+ reason = "Bad length"; -+ else if ((prefix->majorVersion != X_PROTOCOL) || - (prefix->minorVersion != X_PROTOCOL_REVISION)) - reason = "Protocol version mismatch"; - else --- -cgit v0.10.2 - |