fix for ZDI-11426
Avoid leaking un-initalized memory to clients by zeroing the whole pixmap on initial allocation. This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
This commit is contained in:
parent
9d8e7c4828
commit
aac28e162e
|
@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
|
|||
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
|
||||
return NullPixmap;
|
||||
|
||||
pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
|
||||
pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
|
||||
if (!pPixmap)
|
||||
return NullPixmap;
|
||||
|
||||
|
|
Loading…
Reference in New Issue