xserver-multidpi/Xi
Alan Coopersmith 73c63afb93 Xi: unvalidated lengths in Xinput extension [CVE-2014-8095]
Multiple functions in the Xinput extension handling of requests from
clients failed to check that the length of the request sent by the
client was large enough to perform all the required operations and
thus could read or write to memory outside the bounds of the request
buffer.

This commit includes the creation of a new REQUEST_AT_LEAST_EXTRA_SIZE
macro in include/dix.h for the common case of needing to ensure a
request is large enough to include both the request itself and a
minimum amount of extra data following the request header.

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
2014-12-08 18:09:48 -08:00
Makefile.am Build Xi/stubs.c once as a convenience library, rather than once for each DDX which wants to use it 2014-03-27 14:09:43 +00:00
allowev.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
allowev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgdctl.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
chgdctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgfctl.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
chgfctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgkbd.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgkbd.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgkmap.c Indentation: Change '& stuff' to '&stuff' 2012-03-21 14:02:30 -07:00
chgkmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgprop.c Indentation: Change '& stuff' to '&stuff' 2012-03-21 14:02:30 -07:00
chgprop.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgptr.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
chgptr.h Xi: Remove redundant declaration. 2012-05-14 13:17:30 +01:00
closedev.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
closedev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
devbell.c Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
devbell.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
exevents.c Xi: block SIGIOs while copying device classes around 2014-05-23 11:08:17 +10:00
exglobals.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
extinit.c input: un-constify dev->name 2014-02-04 11:27:48 +10:00
getbmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getbmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getdctl.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getdctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getfctl.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getfctl.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getfocus.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getfocus.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getkmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getkmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getmmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getmmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getprop.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getprop.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getselev.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getselev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
getvers.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
getvers.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
grabdev.c Xi: Use 'void *' instead of 'Pointer' (which is going away) 2014-01-22 19:56:31 -08:00
grabdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
grabdevb.c Use C99 designated initializers in extension Events 2012-07-09 22:52:30 -07:00
grabdevb.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
grabdevk.c Use C99 designated initializers in extension Events 2012-07-09 22:52:30 -07:00
grabdevk.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
gtmotion.c Fix formatting of address operators 2012-12-05 18:09:48 -06:00
gtmotion.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
listdev.c Xi: remove superfluous cast. 2014-02-04 10:53:59 +10:00
listdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
opendev.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
opendev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
queryst.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
queryst.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
selectev.c Indentation: Change '& stuff' to '&stuff' 2012-03-21 14:02:30 -07:00
selectev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
sendexev.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
sendexev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setbmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
setbmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setdval.c Xi: always return BadMatch for XTest devices ChangeDeviceControl requests 2013-05-07 09:40:44 +10:00
setdval.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setfocus.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setfocus.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setmmap.c Use C99 designated initializers in Xinput Replies 2012-07-09 19:58:30 -07:00
setmmap.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
setmode.c Xi: always return BadMatch for XTest devices ChangeDeviceControl requests 2013-05-07 09:40:44 +10:00
setmode.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
stubs.c Xi: make stub DeleteInputDeviceRequest call RemoveDevice 2012-05-24 14:57:11 +10:00
ungrdev.c Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
ungrdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
ungrdevb.c dix: AllocGrab can copy if an argument is passed in 2013-05-10 14:32:37 +10:00
ungrdevb.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
ungrdevk.c dix: AllocGrab can copy if an argument is passed in 2013-05-10 14:32:37 +10:00
ungrdevk.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiallowev.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xiallowev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xibarriers.c Replace 'pointer' type with 'void *' 2014-01-12 10:24:11 -08:00
xibarriers.h Xi: free barrier code at reset time 2013-05-07 09:41:19 +10:00
xichangecursor.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xichangecursor.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xichangehierarchy.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xichangehierarchy.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xigetclientpointer.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xigetclientpointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xigrabdev.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xigrabdev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xipassivegrab.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xipassivegrab.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiproperty.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xiproperty.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiquerydevice.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xiquerydevice.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiquerypointer.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xiquerypointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiqueryversion.c Xi: Clamp XIClient maximal version to XIVersion 2013-08-01 14:51:41 +10:00
xiqueryversion.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiselectev.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xiselectev.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xisetclientpointer.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xisetclientpointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xisetdevfocus.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xisetdevfocus.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00
xiwarppointer.c Xi: unvalidated lengths in Xinput extension [CVE-2014-8095] 2014-12-08 18:09:48 -08:00
xiwarppointer.h Introduce a consistent coding style 2012-03-21 13:54:42 -07:00