fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2026-05-05 00:38:00 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix for ZDI-11426

Browse source 
Avoid leaking un-initalized memory to clients by zeroing the
whole pixmap on initial allocation.

This vulnerability was discovered by:
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative

Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
This commit is contained in:
Matthieu Herrb 2020-07-25 19:33:50 +02:00 committed by Alan Coopersmith
parent 9d8e7c4828
commit aac28e162e
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
dix/pixmap.c
View file

@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
return NullPixmap;
pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
if (!pPixmap)
return NullPixmap;