fdo-mirrors/xorg-libx11
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/lib/libx11.git synced 2026-05-07 05:08:03 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

unvalidated index in _XkbReadKeyActions() [CVE-2013-1997 6/15]

Browse source 
If the X server returns key action indexes outside the range of the number
of keys it told us to allocate, out of bounds memory access could occur.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr>
This commit is contained in:
Alan Coopersmith 2013-03-02 09:40:22 -08:00
parent fd7d4956bc
commit 00626c3830
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/xkb/XKBGetMap.c
View file

@ -269,6 +269,10 @@ Status ret = Success;
symMap = &info->map->key_sym_map[rep->firstKeyAct];
for (i=0;i<(int)rep->nKeyActs;i++,symMap++) {
if (numDesc[i]==0) {
if ((i + rep->firstKeyAct) > (info->max_key_code + 1)) {
ret = BadLength;
goto done;
}
info->server->key_acts[i+rep->firstKeyAct]= 0;
}
else {