CVSROOT:	/cvs
Module name:	xenocara
Changes by:	matth...@cvs.openbsd.org	2016/10/04 09:08:08

Modified files:
	lib/libXtst/src: XRecord.c

Log message:
Out of boundary access and endless loop in libXtst

A lack of range checks in libXtst allows out of boundary accesses.
The checks have to be done in-place here, because it cannot be done
without in-depth knowledge of the read data.

If XRecordStartOfData, XRecordEndOfData, or XRecordClientDied
without a client sequence have attached data, an endless loop would
occur. The do-while-loop continues until the current index reaches
the end. But in these cases, the current index would not be
incremented, leading to endless processing.

From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016
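
The two failure modes named in the log message, shown in a reduced parser with both checks in place. This is an added example, not the libXtst code or its patch: the function name, the categories, the record sizes and the length-field layout are all hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical categories and sizes, not the XRecord wire values. */
enum category { CAT_EVENT, CAT_REQUEST, CAT_START, CAT_END };
enum { EVENT_SIZE = 8, REQ_HEADER = 4, PARSE_ERROR = -1 };

/* Walk the data attached to one reply. Returns the number of loop
 * passes completed, or PARSE_ERROR for a malformed reply. */
int parse_reply(enum category cat, const uint8_t *data, size_t len)
{
    size_t idx = 0, step;
    int passes = 0;

    do {
        step = 0;
        switch (cat) {
        case CAT_EVENT:                 /* fixed-size record */
            if (len - idx < EVENT_SIZE)
                return PARSE_ERROR;
            step = EVENT_SIZE;
            break;
        case CAT_REQUEST:               /* size is inside the record */
            if (len - idx < REQ_HEADER)
                return PARSE_ERROR;
            step = (size_t)data[idx + 2] | ((size_t)data[idx + 3] << 8);
            /* A length of 0 would never advance idx; one past the
             * end would walk out of the buffer. */
            if (step < REQ_HEADER || step > len - idx)
                return PARSE_ERROR;
            break;
        case CAT_START:
        case CAT_END:
            /* No branch consumes data here, so attached bytes would
             * keep idx < len forever. Reject them instead. */
            if (len != 0)
                return PARSE_ERROR;
            break;
        default:
            return PARSE_ERROR;
        }
        idx += step;
        passes++;
    } while (idx < len);

    return passes;
}
```

The range checks sit inside each branch because only that branch knows how many bytes its record needs, which is why they cannot be hoisted in front of the loop.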