On 06/25/13 01:35 PM, Thomas Klausner wrote:
---
src/FontNames.c | 2 +-
src/GetFPath.c | 2 +-
src/ListExt.c | 2 +-
src/ModMap.c | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
All of those checks were correct and don't need "fixing" (they perhaps
could have been wrapped in #ifdef LONG64 to hide them when long is
> 34-bits and thus impossible to reach these conditions), but I've gone
ahead and pushed with a revised commit comment:
commit 24d3ee0d08f24e23c91d55702f010f73d7b908e5
Author: Thomas Klausner <w...@netbsd.org>
Date: Tue Jun 25 22:35:29 2013 +0200
Tighten out-of-range comparisons.
[For all of these, LONG_MAX was the correct value to prevent overflows
for the recent CVEs. Lowering to INT_MAX catches buggy replies from
the server that 32-bit clients would reject but 64-bit would accept,
so we catch bugs sooner, and really, no sane & working server should
ever report more than 2gb of extension names, font path entries,
key modifier maps, etc. -alan- ]
Reviewed-by: Alan Coopersmith <alan.coopersm...@oracle.com>
Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com>
Pushed to ssh://git.freedesktop.org/git/xorg/lib/libX11
6d92608..24d3ee0 master -> master
--
-Alan Coopersmith- alan.coopersm...@oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
_______________________________________________
xorg-devel@lists.x.org: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
