xserver/randr
Olivier Fourdan 3c3a4b767b
randr: Check for overflow in RRChangeProviderProperty()

A client might send a request causing an integer overflow when computing
the total size to allocate in RRChangeProviderProperty().

To avoid the issue, check that total length in bytes won't exceed the
maximum integer value.

CVE-2025-49180

This issue was discovered by Nils Emmerich <nemmerich@ernw.de> and
reported by Julian Suleder via ERNW Vulnerability Disclosure.

Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024>
2025-06-17 14:21:24 +02:00
meson.build meson: hide C API if Xorg is disabled (like autotools) 2021-03-11 00:22:36 +00:00
randr.c Revert "randr: use explicit case statement instead of ProcRandrVector table" 2025-06-11 13:44:30 -07:00
randrstr.h render: drop obsolete macros pict_f_transform and pict_f_vector 2024-03-03 22:54:16 +00:00
randrstr_priv.h Revert "randr: let SProc*'s call their Proc*'s directly" 2025-06-11 13:44:43 -07:00
rrcrtc.c Revert "randr: RRCrtcCreate(): drop unnecessary zero assigments" 2025-06-11 13:44:02 -07:00
rrdispatch.c Revert "randr: let SProc*'s call their Proc*'s directly" 2025-06-11 13:44:43 -07:00
rrinfo.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rrlease.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rrmode.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rrmonitor.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rroutput.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rrpointer.c dix: unexport GetSpritePosition() 2024-09-02 16:43:29 +00:00
rrproperty.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rrprovider.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rrproviderproperty.c randr: Check for overflow in RRChangeProviderProperty() 2025-06-17 14:21:24 +02:00
rrscreen.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00
rrsdispatch.c Revert "randr: let SProc*'s call their Proc*'s directly" 2025-06-11 13:44:43 -07:00
rrtransform.c randr: Silence -Wshift-negative-value warnings 2015-10-19 11:51:52 -04:00
rrtransform.h render: drop obsolete macros pict_f_transform and pict_f_vector 2024-03-03 22:54:16 +00:00
rrxinerama.c Revert "randr: use struct initializer for reply structs" 2025-06-11 13:43:47 -07:00