Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
xorg-x11-server.27646
U_0007-Unvalidated-extra-length-in-ProcEstablis...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File U_0007-Unvalidated-extra-length-in-ProcEstablishConnection-.patch of Package xorg-x11-server.27646
From b747da5e25be944337a9cd1415506fc06b70aa81 Mon Sep 17 00:00:00 2001 From: Nathan Kidd <nkidd@opentext.com> Date: Fri, 9 Jan 2015 10:15:46 -0500 Subject: [PATCH 7/7] Unvalidated extra length in ProcEstablishConnection (CVE-2017-12176) Reviewed-by: Julien Cristau <jcristau@debian.org> Signed-off-by: Nathan Kidd <nkidd@opentext.com> Signed-off-by: Julien Cristau <jcristau@debian.org> --- dix/dispatch.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/dix/dispatch.c b/dix/dispatch.c index 8b371b678..176c7a0dd 100644 --- a/dix/dispatch.c +++ b/dix/dispatch.c @@ -3702,7 +3702,12 @@ ProcEstablishConnection(ClientPtr client) prefix = (xConnClientPrefix *) ((char *) stuff + sz_xReq); auth_proto = (char *) prefix + sz_xConnClientPrefix; auth_string = auth_proto + pad_to_int32(prefix->nbytesAuthProto); - if ((prefix->majorVersion != X_PROTOCOL) || + + if ((client->req_len << 2) != sz_xReq + sz_xConnClientPrefix + + pad_to_int32(prefix->nbytesAuthProto) + + pad_to_int32(prefix->nbytesAuthString)) + reason = "Bad length"; + else if ((prefix->majorVersion != X_PROTOCOL) || (prefix->minorVersion != X_PROTOCOL_REVISION)) reason = "Protocol version mismatch"; else -- 2.13.6
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor