andreacavalli/xserver-multidpi
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
820d9040f5
xserver-multidpi/hw/xfree86/parser
History
Servaas Vandenberghe 820d9040f5 xfree86: fix potential buffer overflow 
The patch below fixes a potential buffer overflow in xf86addComment().
This occurs if  curlen > 0 && eol_seen == 0 && iscomment == 0 , as
follows from the code:

char *xf86addComment(char *cur, char *add)

<...>

        len = strlen(add);
        endnewline = add[len - 1] == '\n';
        len +=  1 + iscomment + (!hasnewline) + (!endnewline) + eol_seen;

        if ((str = realloc(cur, len + curlen)) == NULL)
                return cur;

        cur = str;

        if (eol_seen || (curlen && !hasnewline))
                cur[curlen++] = '\n';
        if (!iscomment)
                cur[curlen++] = '#';
        strcpy(cur + curlen, add);
        if (!endnewline)
                strcat(cur, "\n");

Signed-off-by: Servaas Vandenberghe <vdb@picaros.org>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>

[whot: added buffer overflow test case]

Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
2011-10-31 09:39:04 +10:00
..
Configint.h xfree86: Purge parsePrologueVoid. 2010-08-27 19:05:43 -04:00
configProcs.h xfree86: Introduce InputClass configuration 2009-12-23 05:54:40 -08:00
Device.c Remove unnecessary parentheses around return values in functions 2010-06-10 06:42:42 -07:00
DRI.c dri1: Remove "buffers" from the config logic 2010-10-18 15:34:08 -04:00
Extensions.c config: Remove useless xf86conf{{m,c,re}alloc},free} macros 2009-04-06 17:56:49 -04:00
Files.c config: Remove useless xf86conf{{m,c,re}alloc},free} macros 2009-04-06 17:56:49 -04:00
Flags.c input: switch InputOption to use XF86OptionRec storage. 2011-10-25 14:06:39 +10:00
Input.c xfree86: parser: Never use constant strings for driver names (fixes #17438) 2010-08-13 11:43:18 +10:00
InputClass.c xfree86: Allow "MatchLayout" statements in config files 2011-05-25 08:23:58 +10:00
Layout.c input: switch InputOption to use XF86OptionRec storage. 2011-10-25 14:06:39 +10:00
Makefile.am xfree86: switch options from pointer to XF86OptionPtr 2011-09-27 11:43:36 +10:00
Module.c config: Remove useless xf86conf{{m,c,re}alloc},free} macros 2009-04-06 17:56:49 -04:00
Monitor.c xfree86: parser: Remove 'CUSTOM' flag option in Monitor section. 2010-11-10 21:35:58 -08:00
Pointer.c xfree86: warning fix 2011-03-28 13:00:58 -04:00
read.c Remove unnecessary parentheses around return values in functions 2010-06-10 06:42:42 -07:00
scan.c xfree86: fix potential buffer overflow 2011-10-31 09:39:04 +10:00
Screen.c Remove unnecessary parentheses around return values in functions 2010-06-10 06:42:42 -07:00
Vendor.c config: Remove useless xf86conf{{m,c,re}alloc},free} macros 2009-04-06 17:56:49 -04:00
Video.c Remove unnecessary parentheses around return values in functions 2010-06-10 06:42:42 -07:00
write.c os/xfree86: remove macro checking for POSIX symbols 2010-09-10 21:49:28 +03:00
xf86Optrec.h xfree86: switch options from pointer to XF86OptionPtr 2011-09-27 11:43:36 +10:00
xf86Parser.h xfree86: Allow "MatchLayout" statements in config files 2011-05-25 08:23:58 +10:00
xf86tokens.h Remove unused vtSysreq 2011-09-29 23:05:35 +06:00