On 06/25/13 01:35 PM, Thomas Klausner wrote:
--- src/FontNames.c | 2 +- src/GetFPath.c | 2 +- src/ListExt.c | 2 +- src/ModMap.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-)
All of those checks were correct and don't need "fixing" (they perhaps could have been wrapped in #ifdef LONG64 to hide them when long is > 34-bits and thus impossible to reach these conditions), but I've gone ahead and pushed with a revised commit comment: commit 24d3ee0d08f24e23c91d55702f010f73d7b908e5 Author: Thomas Klausner <w...@netbsd.org> Date: Tue Jun 25 22:35:29 2013 +0200 Tighten out-of-range comparisons. [For all of these, LONG_MAX was the correct value to prevent overflows for the recent CVEs. Lowering to INT_MAX catches buggy replies from the server that 32-bit clients would reject but 64-bit would accept, so we catch bugs sooner, and really, no sane & working server should ever report more than 2gb of extension names, font path entries, key modifier maps, etc. -alan- ] Reviewed-by: Alan Coopersmith <alan.coopersm...@oracle.com> Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> Pushed to ssh://git.freedesktop.org/git/xorg/lib/libX11 6d92608..24d3ee0 master -> master -- -Alan Coopersmith- alan.coopersm...@oracle.com Oracle Solaris Engineering - http://blogs.oracle.com/alanc _______________________________________________ xorg-devel@lists.x.org: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel