mirror of
https://gitlab.freedesktop.org/xorg/xserver.git
synced 2025-12-28 02:50:07 +01:00
cbfdb284c9
GetHosts() iterates over all the hosts it has in memory, and copies
them to a buffer. The buffer length is calculated by iterating over
all the hosts and adding up all of their combined length. There is a
potential integer overflow, if there are lots and lots of hosts (with
a combined length of > ~4 gig). This should be possible by repeatedly
calling ProcChangeHosts() on 64bit machines with enough memory.
This patch caps the list at 1mb, because multi-megabyte hostname
lists for X access control are insane.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| .gitignore | ||
| access.c | ||
| auth.c | ||
| backtrace.c | ||
| busfault.c | ||
| client.c | ||
| connection.c | ||
| io.c | ||
| log.c | ||
| Makefile.am | ||
| mitauth.c | ||
| oscolor.c | ||
| osdep.h | ||
| osinit.c | ||
| rpcauth.c | ||
| strcasecmp.c | ||
| strcasestr.c | ||
| strlcat.c | ||
| strlcpy.c | ||
| strndup.c | ||
| utils.c | ||
| WaitFor.c | ||
| xdmauth.c | ||
| xdmcp.c | ||
| xprintf.c | ||
| xsha1.c | ||
| xstrans.c | ||