xserver-multidpi/hw/vfb
Alan Coopersmith feebf67463 Limit the number of screens Xvfb will attempt to allocate memory for
Commit f9e3a2955d removing the MAXSCREEN limit left the screen
number too unlimited, and allowed any positive int for a screen number:

Xvfb :1 -screen 2147483647 1024x1024x8

Fatal server error:
Not enough memory for screen 2147483647

Found by Parfait 0.3.7:
Error: Integer overflow (CWE 190)
   Integer parameter of memory allocation function realloc() may overflow due to multiplication with constant value 1112
        at line 293 of hw/vfb/InitOutput.c in function 'ddxProcessArgument'.

Since the X11 connection setup only has a CARD8 for number of SCREENS,
limit to 255 screens, which is also low enough to avoid overflow on the
sizeof(*vfbScreens) * (screenNum + 1) calculation for realloc.

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jamey Sharp <jamey@minilop.net>
2011-12-02 00:17:28 -08:00
..
man man: refactor common code in the man pages makefiles 2011-01-18 15:11:10 -08:00
.gitignore Xvfb: build Xvfb man pages using XORG_MANPAGE_SECTIONS 2011-01-18 15:10:24 -08:00
InitInput.c input: free the EQ allocated memory on shutdown (#38634) 2011-07-01 08:46:28 +10:00
InitOutput.c Limit the number of screens Xvfb will attempt to allocate memory for 2011-12-02 00:17:28 -08:00
Makefile.am Xvfb: build Xvfb man pages using XORG_MANPAGE_SECTIONS 2011-01-18 15:10:24 -08:00
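
The bound described in the commit message above, as an added example in C (not code from the xserver tree): the helper names and the `screen_info` stand-in are hypothetical, with 1112 bytes taken from the Parfait report as the element size, and accepting 0 through 254 is this example's reading of the 255-screen limit. `alloc_size_32` shows what the multiplication yields when the size is held in 32 bits.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define MAX_SCREENS 255 /* screen count must fit the CARD8 in connection setup */

/* Hypothetical stand-in for the per-screen record; only its 1112-byte size matters. */
typedef struct { unsigned char pad[1112]; } screen_info;

/* Byte count for screen_num + 1 records as 32-bit arithmetic computes it. */
static uint32_t alloc_size_32(int screen_num)
{
    return (uint32_t)sizeof(screen_info) * ((uint32_t)screen_num + 1u);
}

/* Parse a -screen number; accept only 0..MAX_SCREENS-1 (assumed range). */
static int parse_screen_num(const char *arg, int *out)
{
    char *end;
    long n = strtol(arg, &end, 10);
    if (end == arg || *end != '\0' || n < 0 || n >= MAX_SCREENS)
        return -1;
    *out = (int)n;
    return 0;
}

/* Grow the array; screen_num is already bounded, so at most 255 * 1112 bytes. */
static screen_info *grow_screens(screen_info *old, int screen_num)
{
    return realloc(old, sizeof(screen_info) * ((size_t)screen_num + 1));
}

int main(void)
{
    const char *args[] = { "2", "254", "255", "3862380", "2147483647" }; /* constructed */
    screen_info *screens = NULL;
    for (size_t i = 0; i < sizeof(args) / sizeof(args[0]); i++) {
        int n;
        if (parse_screen_num(args[i], &n) != 0) {
            printf("%s: rejected (32-bit size: %u)\n", args[i], (unsigned)alloc_size_32(atoi(args[i])));
            continue;
        }
        screen_info *p = grow_screens(screens, n);
        if (p == NULL) { free(screens); return 1; }
        screens = p;
        printf("%s: accepted\n", args[i]);
    }
    free(screens);
    return 0;
}
```

Without the bound, a 32-bit size for screen 3862380 wraps to 376 bytes and for screen 2147483647 to 0, so the allocation would be far smaller than the array the caller then indexes.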