fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2026-02-04 18:50:27 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix for ZDI-11426

Browse source 
Avoid leaking un-initalized memory to clients by zeroing the
whole pixmap on initial allocation.

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
(cherry picked from commit a6b2cbe91793ae4967cd21a7103d889248029553)
This commit is contained in:
Matthieu Herrb 2020-07-25 19:33:50 +02:00 committed by Matt Turner
parent 2720b87157
commit 4979ac8f0b
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
dix/pixmap.c
View file

@ -117,7 +117,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
return NullPixmap;
pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
if (!pPixmap)
return NullPixmap;