Commit acdaaadc authored by Matthieu Herrb's avatar Matthieu Herrb

Fix an integer overflow in init_om()

CVE-2020-14363

This can lead to a double free later, as reported by Jayden Rivers.
Signed-off-by: Matthieu Herrb's avatarMatthieu Herrb <matthieu@herrb.eu>
parent d15c24c8
......@@ -1908,7 +1908,8 @@ init_om(
char **required_list;
XOrientation *orientation;
char **value, buf[BUFSIZ], *bufptr;
int count = 0, num = 0, length = 0;
int count = 0, num = 0;
unsigned int length = 0;
_XlcGetResource(lcd, "XLC_FONTSET", "on_demand_loading", &value, &count);
if (count > 0 && _XlcCompareISOLatin1(*value, "True") == 0)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment