frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix for ZDI-11426 

Avoid leaking un-initalized memory to clients by zeroing the
whole pixmap on initial allocation.

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
(cherry picked from commit a6b2cbe91793ae4967cd21a7103d889248029553)
This commit is contained in:
Matthieu Herrb 2020-07-25 19:33:50 +02:00 committed by Matt Turner
parent 2720b87157
commit 4979ac8f0b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dix/pixmap.c
View File

@ -117,7 +117,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize) if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
return NullPixmap; return NullPixmap;
pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize); pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
if (!pPixmap) if (!pPixmap)
return NullPixmap; return NullPixmap;