Snippets Groups Projects

Due to an influx of spam, we have had to impose restrictions on new accounts. Please see this wiki page for instructions on how to get full permissions. Sorry for the inconvenience.

The migration is almost done, at least the rest should happen in the background. There are still a few technical difference between the old cluster and the new ones, and they are summarized in this issue. Please pay attention to the TL:DR at the end of the comment.

Commit 7916869d authored 1 year ago by Yair Mizrahi Committed by Alan Coopersmith 1 year ago

CVE-2023-43787: Integer overflow in XCreateImage() leading to a heap overflow

When the format is `Pixmap` it calculates the size of the image data as:
ROUNDUP((bits_per_pixel * width), image->bitmap_pad);
There is no validation on the `width` of the image, and so this
calculation exceeds the capacity of a 4-byte integer, causing an overflow.

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

parent b4031fc0

No related branches found

No related tags found

Checking pipeline status

Hide whitespace changes

Inline Side-by-side

Showing with 15 additions and 5 deletions

Please register or to comment