Fix for CVE-2008-0006 - PCF Font parser buffer overflow.

(cherry picked from commit f09b8007e7)
Matthieu Herrb 2008-01-17 15:29:06 +01:00 committed by Jeremy Huddleston
parent 0dbe1a0902
commit 73abb373e6


@ -329,6 +329,13 @@ doOpenFont(ClientPtr client, OFclosurePtr c)
err = BadFontName;
goto bail;
}
/* check values for firstCol, lastCol, firstRow, and lastRow */
if (pfont->info.firstCol > pfont->info.lastCol ||
pfont->info.firstRow > pfont->info.lastRow ||
pfont->info.lastCol - pfont->info.firstCol > 255) {
err = AllocError;
goto bail;
}
if (!pfont->fpe)
pfont->fpe = fpe;
pfont->refcnt++;
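Review bot: The new range check jumps to `bail` while `pfont` already points at a loaded font, and the `bail` label lies outside this hunk, so it is worth confirming that this path releases the rejected font instead of leaking one per malformed font a client asks for. The check caps the column span at 255 but leaves `lastRow - firstRow` unbounded; if any later code sizes or indexes a table by the row span, it needs the same cap. The comment names the fields but not the reason, so something like `/* reject malformed metrics (CVE-2008-0006): inverted ranges or a column span over 255 */` would record the intent. `AllocError` also reports a malformed font to the client as an allocation failure; `BadFontName`, used by the branch just above, may describe it better.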