andreacavalli
/
xserver-multidpi
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
xserver-multidpi/os
History
Michal Srb 9c23685009 os: Make sure big requests have sufficient length. 
A client can send a big request where the 32B "length" field has value
0. When the big request header is removed and the length corrected,
the value will underflow to 0xFFFFFFFF.  Functions processing the
request later will think that the client sent much more data and may
touch memory beyond the receive buffer.

Signed-off-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
 		2017-10-09 17:08:33 -07:00
..
.gitignore dix and os: gitignore dix.O and os.O 2011-09-23 17:14:47 -07:00
Makefile.am os,dix: Depend custom libs on libs, not objects 2017-01-02 12:45:28 -05:00
WaitFor.c os: return 0 from check_timers if we touched any of them 2017-01-02 14:11:11 -05:00
access.c Revert "XDMCP: For IPv6 add link local addresses to the end of the list" 2016-06-21 11:45:17 -04:00
auth.c os: make GenerateRandomData() independent of XCSECURITY 2017-08-22 10:59:40 -04:00
backtrace.c Replace 'sun' with '__sun' 2015-11-30 11:51:22 -05:00
busfault.c os: Fix iteration over busfaults 2017-02-23 09:20:48 +10:00
client.c DetermineClientCmd: try using /proc/pid/cmdline on Solaris too 2017-02-14 11:33:47 -05:00
connection.c os: Set oc->fd to -1 when connection is closed 2017-06-13 09:56:44 -04:00
inputthread.c os: log a bug whenever WriteToClient is called from the input thread 2017-02-27 09:25:08 +10:00
io.c os: Make sure big requests have sufficient length. 2017-10-09 17:08:33 -07:00
log.c os: Failure to remove a non-existent log file is not an error 2016-01-06 12:23:31 -05:00
meson.build meson: Only detect each function once 2017-05-10 15:08:25 -04:00
mitauth.c os: make MitGenerateCookie() independent of XCSECURITY 2017-08-22 10:59:40 -04:00
oscolor.c Drop trailing whitespaces 2014-11-12 10:25:00 +10:00
osdep.h os: Use CloseDownFileDescriptor from AbortClient, including ospoll_remove 2017-06-13 09:56:34 -04:00
osinit.c os: Handle SIGABRT 2017-04-26 16:07:19 -04:00
ospoll.c meson: Fix epoll detection 2017-08-14 13:34:11 -07:00
ospoll.h os: Add ospoll interface [v2] 2016-07-21 15:04:47 -04:00
reallocarray.c Import reallocarray() from OpenBSD 2015-04-21 16:57:08 -07:00
rpcauth.c auth: remove AuthToIDFunc and associated functions. Not used anymore. 2017-02-28 14:15:19 -05:00
strcasecmp.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
strcasestr.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
strlcat.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
strlcpy.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
strndup.c os: Ensure <dix-config.h> is included in strndup.c 2013-02-14 09:20:46 -08:00
timingsafe_memcmp.c timingsafe_memcmp: Fix meson build 2017-05-10 10:56:16 -04:00
utils.c os: Fix warning in LockServer 2017-08-30 15:53:04 -04:00
xdmauth.c auth: remove AuthToIDFunc and associated functions. Not used anymore. 2017-02-28 14:15:19 -05:00
xdmcp.c os: Switch server to poll(2) [v3] 2016-07-21 15:04:47 -04:00
xprintf.c os/xprintf: add Xvscnprintf and Xscnprintf 2012-05-03 14:59:23 +10:00
xserver_poll.c os: Add poll emulation for mingw [v2] 2016-07-19 11:08:21 -07:00
xsha1.c os/xsha1.c: Add license and copyright attribution. 2015-01-02 13:39:52 -08:00
xstrans.c Clean up a couple of warnings in os/ 2013-10-31 16:58:12 -07:00