Commit 9802a016 authored by Keith Packard's avatar Keith Packard Committed by Alan Coopersmith

Missing parens in REQUEST_FIXED_SIZE macro [CVE-2014-8092 pt. 5]

The 'n' parameter must be surrounded by parens in both places to
prevent precedence from mis-computing things.
Signed-off-by: Keith Packard's avatarKeith Packard <keithp@keithp.com>
Reviewed-by: Alan Coopersmith's avatarAlan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: Alan Coopersmith's avatarAlan Coopersmith <alan.coopersmith@oracle.com>
parent 61b17c0f
......@@ -80,7 +80,7 @@ SOFTWARE.
#define REQUEST_FIXED_SIZE(req, n)\
if (((sizeof(req) >> 2) > client->req_len) || \
((n >> 2) >= client->req_len) || \
(((n) >> 2) >= client->req_len) || \
((((uint64_t) sizeof(req) + (n) + 3) >> 2) != (uint64_t) client->req_len)) \
return(BadLength)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment