Alan Coopersmith 90fd5abac2 Integer overflows in stringSectionSize() cause buffer overflow in ReadColornameDB() [CVE-2013-1981 6/13]
LoadColornameDB() calls stringSectionSize() to do a first pass over the
file (which may be provided by the user via XCMSDB environment variable)
to determine how much memory needs to be allocated to read in the file,
then allocates the returned sizes and calls ReadColornameDB() to load the
data from the file into that newly allocated memory.

If stringSectionSize() overflows the signed ints used to calculate the
file size (say if you have an xcmsdb with ~4 billion lines in or a
combined string length of ~4 gig - which while it may have been
inconceivable when Xlib was written, is quite possible today), then
LoadColornameDB() may allocate a memory buffer much smaller than the
amount of data ReadColornameDB() will write to it.

The total size is left limited to an int, because if your xcmsdb file
is larger than 2gb, you're doing it wrong.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr>
2013-05-09 18:59:52 -07:00
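
The failure mode described in the commit message above, as an added example (not libX11 code and not the patch itself): a first pass sums string sizes so that a later pass can fill a buffer of that size. The function names and sample arrays are hypothetical and constructed, and line lengths are passed in as numbers so no multi-gigabyte file is needed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unchecked first pass, modelled with uint32_t so the wrap is defined
 * behaviour: the total is kept modulo 2^32, as a 32-bit counter would. */
static uint32_t size_pass_unchecked(const uint64_t *line_len, size_t n)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += (uint32_t)(line_len[i] + 1);   /* +1 for the NUL */
    return total;
}

/* Checked first pass: the total stays an int, but every addition is
 * tested against INT_MAX first. Returns 0 on success, -1 on overflow. */
static int size_pass_checked(const uint64_t *line_len, size_t n,
                             int *entries, int *bytes)
{
    int count = 0, total = 0;
    for (size_t i = 0; i < n; i++) {
        if (line_len[i] >= (uint64_t)INT_MAX)   /* len + 1 would not fit */
            return -1;
        int need = (int)line_len[i] + 1;
        if (need > INT_MAX - total || count == INT_MAX)
            return -1;                          /* refuse instead of wrapping */
        total += need;
        count++;
    }
    *entries = count;
    *bytes = total;
    return 0;
}

/* Constructed sample input: four lines of 1 GiB - 1 bytes each, so the
 * true total with terminators is exactly 4 GiB. */
static const uint64_t big_db[4] = { 0x3fffffffu, 0x3fffffffu, 0x3fffffffu, 0x3fffffffu };
static const uint64_t small_db[3] = { 3, 5, 10 };

int main(void)
{
    int e = 0, b = 0;
    printf("unchecked total: %u\n", (unsigned)size_pass_unchecked(big_db, 4));
    printf("checked result: %d\n", size_pass_checked(big_db, 4, &e, &b));
    if (size_pass_checked(small_db, 3, &e, &b) == 0)
        printf("small db: %d entries, %d bytes\n", e, b);
    return 0;
}
```

With the constructed 4 GiB input the unchecked total wraps to 0, which is the undersized allocation the commit message warns about; the checked pass stops at the second line and reports failure.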
include Add _XEatDataWords to discard a given number of 32-bit words of reply data 2013-05-09 18:59:50 -07:00
m4 Revert "Dolt-ify" 2010-09-13 05:27:41 -04:00
man Add <X11/Xresource.h> hint to all Xrm* man pages 2013-03-08 17:17:02 -08:00
modules unvalidated length in _XimXGetReadData() [CVE-2013-1997 12/15] 2013-05-09 18:59:52 -07:00
nls Add compose sequences for J́ and j́. 2013-05-07 18:38:14 -04:00
specs libX11 spec: Correct prototype for XConvertSelection 2012-06-06 13:31:19 -07:00
src Integer overflows in stringSectionSize() cause buffer overflow in ReadColornameDB() [CVE-2013-1981 6/13] 2013-05-09 18:59:52 -07:00
.gitignore .gitignore: use common defaults with custom section # 24239 2009-11-14 09:26:16 -05:00
AUTHORS libX11 1.5.0 2012-06-01 23:37:09 -07:00
autogen.sh autogen.sh: Implement GNOME Build API 2013-01-15 14:32:12 -05:00
configure.ac libX11 1.5.99.901 (1.6 RC1) 2013-03-09 19:16:03 -08:00
COPYING Bug 19379 - Provide docs with overview of all compose key combinations 2010-09-21 18:22:21 -07:00
cpprules.in nls: Use LC_CTYPE=C for sed magic 2012-02-12 19:14:37 -08:00
docbook.am docbook.am: embed css styles inside the HTML HEAD element 2011-12-30 17:08:14 -05:00
Makefile.am specs: build compose keys tables in specs/i18n/compose 2011-08-05 12:36:03 -04:00
NEWS Move security fixes to the top of NEWS, and fix spacing. 2007-06-03 21:41:47 -07:00
README Add README with pointers to mailing list, bugzilla & git repos 2009-02-02 20:34:31 -08:00
x11-xcb.pc.in Split public Xlib/XCB functions into libX11-xcb 2006-10-05 17:44:22 -07:00
x11.pc.in Bug 15664: xau & xdmcp not needed in x11.pc dependencies when built with xcb 2009-03-12 17:11:42 -07:00

libX11 - Core X11 protocol client library

Documentation for this library can be found in the included man pages,
the xlib spec from the doc/xorg-docs module, also available at:

	http://xorg.freedesktop.org/releases/X11R7.0/doc/PDF/xlib.pdf

and the O'Reilly Xlib books, which they have made freely available online,
though only for older versions of X11:

 - X Series Volume 2: Xlib Reference Manual (1989, covers X11R3)
	http://www.archive.org/details/xlibretmanver1102nyemiss

 - X Series Volume 2: Xlib Reference Manual, 2nd Edition (1990, covers X11R4)
	http://www.archive.org/details/xlibrefmanv115ed02nyemiss

All questions regarding this software should be directed at the
Xorg mailing list:

        http://lists.freedesktop.org/mailman/listinfo/xorg

Please submit bug reports to the Xorg bugzilla:

        https://bugs.freedesktop.org/enter_bug.cgi?product=xorg

The master development code repository can be found at:

        git://anongit.freedesktop.org/git/xorg/lib/libX11

        http://cgit.freedesktop.org/xorg/lib/libX11

For patch submission instructions, see:

	http://www.x.org/wiki/Development/Documentation/SubmittingPatches

For more information on the git code manager, see:

        http://wiki.x.org/wiki/GitPage