From cd0603c2dc5ee000ebce66056bc1a72f99bfb617 Mon Sep 17 00:00:00 2001
From: Eamon Walsh <ewalsh@tycho.nsa.gov>
Date: Thu, 3 Jan 2008 21:41:02 -0500
Subject: [PATCH] Bug #13765: Heap corruption in XC-SECURITY extension code.

---
 Xext/xace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Xext/xace.c b/Xext/xace.c
index 9f8a8cc75..6a7df3188 100644
--- a/Xext/xace.c
+++ b/Xext/xace.c
@@ -448,7 +448,7 @@ XaceCensorImage(client, pVisibleRegion, widthBytesLine, pDraw, x, y, w, h,
 
 	/* convert region to list-of-rectangles for PolyFillRect */
 
-	pRects = (xRectangle *)xalloc(nRects * sizeof(xRectangle *));
+	pRects = (xRectangle *)xalloc(nRects * sizeof(xRectangle));
 	if (!pRects)
 	{
 	    failed = TRUE;