9f957a9f79
The memory for filter names is reserved right after receiving the reply. After that, filters are iterated and each individual filter name is stored in that reserved memory. The individual name lengths are not checked for validity, which means that a malicious server can reserve less memory than it will write to during each iteration. From Tobias Stoeckmann / X.Org security advisory Oct 4, 2016 |
||
|---|---|---|
| .. | ||
| doc | ||
| include/X11/extensions | ||
| src | ||
| aclocal.m4 | ||
| AUTHORS | ||
| ChangeLog | ||
| compile | ||
| config.guess | ||
| config.h.in | ||
| config.sub | ||
| configure | ||
| configure.ac | ||
| COPYING | ||
| depcomp | ||
| INSTALL | ||
| install-sh | ||
| ltmain.sh | ||
| Makefile.am | ||
| Makefile.bsd-wrapper | ||
| Makefile.in | ||
| missing | ||
| README | ||
| xrender.pc.in | ||
libXrender - library for the Render Extension to the X11 protocol
All questions regarding this software should be directed at the
Xorg mailing list:
http://lists.freedesktop.org/mailman/listinfo/xorg
Please submit bug reports to the Xorg bugzilla:
https://bugs.freedesktop.org/enter_bug.cgi?product=xorg
The master development code repository can be found at:
git://anongit.freedesktop.org/git/xorg/lib/libXrender
http://cgit.freedesktop.org/xorg/lib/libXrender
For patch submission instructions, see:
http://www.x.org/wiki/Development/Documentation/SubmittingPatches
For more information on the git code manager, see:
http://wiki.x.org/wiki/GitPage