mirror of
https://gitlab.freedesktop.org/xorg/xserver.git
synced 2025-12-21 07:30:04 +01:00
597747c655
Error: Write outside array bounds at Xext/geext.c:406
in function 'GEWindowSetMask' [Symbolic analysis]
In array dereference of cli->nextSib[extension] with index 'extension'
Array size is 128 elements (of 4 bytes each), index <= 128
Error: Buffer overflow at dix/events.c:592
in function 'SetMaskForEvent' [Symbolic analysis]
In array dereference of filters[deviceid] with index 'deviceid'
Array size is 20 elements (of 512 bytes each), index >= 0 and index <= 20
Error: Read buffer overflow at hw/xfree86/loader/loader.c:226
in function 'LoaderOpen' [Symbolic analysis]
In array dereference of refCount[new_handle] with index 'new_handle'
Array size is 256 elements (of 4 bytes each), index >= 1 and index <= 256
These bugs were found using the Parfait source code analysis tool.
For more information see http://research.sun.com/projects/parfait
Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
Signed-off-by: Adam Jackson <ajax@redhat.com>
Acked-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| dixsym.c | ||
| dlloader.c | ||
| dlloader.h | ||
| extsym.c | ||
| loader.c | ||
| loader.h | ||
| loaderProcs.h | ||
| loadext.c | ||
| loadmod.c | ||
| Makefile.am | ||
| misym.c | ||
| os.c | ||
| sym.h | ||
| xf86sym.c | ||