frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix for CVE-2008-0006 - PCF Font parser buffer overflow.

This commit is contained in:
Matthieu Herrb 2008-01-17 15:29:06 +01:00
parent 6de61f8272
commit 8e133d9674
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
dix/dixfonts.c
View File

@ -326,6 +326,13 @@ doOpenFont(ClientPtr client, OFclosurePtr c)
err = BadFontName; err = BadFontName;
goto bail; goto bail;
} }
/* check values for firstCol, lastCol, firstRow, and lastRow */
if (pfont->info.firstCol > pfont->info.lastCol ||
pfont->info.firstRow > pfont->info.lastRow ||
pfont->info.lastCol - pfont->info.firstCol > 255) {
err = AllocError;
goto bail;
}
if (!pfont->fpe) if (!pfont->fpe)
pfont->fpe = fpe; pfont->fpe = fpe;
pfont->refcnt++; pfont->refcnt++;