Jeremy Huddleston 597747c655 Fix a couple off-by-one array boundary checks.
Error: Write outside array bounds at Xext/geext.c:406
        in function 'GEWindowSetMask' [Symbolic analysis]
       In array dereference of cli->nextSib[extension] with index 'extension'
       Array size is 128 elements (of 4 bytes each), index <= 128

Error: Buffer overflow at dix/events.c:592
        in function 'SetMaskForEvent' [Symbolic analysis]
       In array dereference of filters[deviceid] with index 'deviceid'
       Array size is 20 elements (of 512 bytes each), index >= 0 and index <= 20

Error: Read buffer overflow at hw/xfree86/loader/loader.c:226
        in function 'LoaderOpen' [Symbolic analysis]
       In array dereference of refCount[new_handle] with index 'new_handle'
       Array size is 256 elements (of 4 bytes each), index >= 1 and index <= 256

These bugs were found using the Parfait source code analysis tool.
For more information see http://research.sun.com/projects/parfait

Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
Signed-off-by: Adam Jackson <ajax@redhat.com>
Acked-by: Peter Hutterer <peter.hutterer@who-t.net>
(cherry picked from commit b680bda34d)
(cherry picked from commit 04c9e80f08)

Signed-off-by: Keith Packard <keithp@keithp.com>
2009-06-29 14:15:17 -07:00
composite Switching from Automatic to Manual redirect needs to unmap/remap 2008-09-19 20:58:32 -07:00
config config: if we can't connect to HAL, listen for a startup notification. 2009-02-18 17:50:21 -08:00
damageext Unifdef ISC 2008-10-02 17:03:54 -04:00
dbe Dead code cleanup over DBE. 2008-11-25 15:05:20 -05:00
dix Fix a couple off-by-one array boundary checks. 2009-06-29 14:15:17 -07:00
doc xfree86: restore default off for DontZap 2009-06-29 14:14:52 -07:00
exa EXA: Always damage glyph cache pixmap manually after uploading a glyph. 2009-06-29 14:13:37 -07:00
fb Partially reverts commit 505c216d03. 2008-10-03 11:24:34 -07:00
glx Support setTexBuffer2 in AIGLX. 2009-06-29 14:10:40 -07:00
hw Fix a couple off-by-one array boundary checks. 2009-06-29 14:15:17 -07:00
include selinux: Add support for avc_acquire_netlink_fd() 2009-03-27 16:18:39 -04:00
mi mi: force the paired kbd device before CopyKeyClass. (#19574) 2009-02-17 18:57:13 -08:00
miext XQuartz: Get rid of white rectangle bug 2009-01-09 10:59:32 -08:00
os os: don't malloc memory in LogVMessageVerb. 2009-05-08 22:50:35 -07:00
randr Correct access mode in call to dixLookupWindow() within RRSelectInput. 2009-04-08 16:05:11 -04:00
record Drop the never-called SkippedRequestCallback list. 2008-10-03 17:51:19 -04:00
render Move matrix operations from X server to pixman 0.13.2 2008-11-25 22:17:58 -08:00
Xext Fix a couple off-by-one array boundary checks. 2009-06-29 14:15:17 -07:00
xfixes Unifdef ISC 2008-10-02 17:03:54 -04:00
Xi Xi: don't double-swap the XListDeviceProperties reply. 2009-05-08 22:56:08 -07:00
xkb Bug #6428, #16458, #21464: Fix crash due to uninitialized VModMap fields. 2009-06-29 14:11:27 -07:00
.gitignore gitignore: ignore .patch files 2008-11-21 09:04:17 +10:00
acinclude.m4 dolt: allow older versions of bash to compile the xserver (#19031) 2008-12-16 12:03:03 -08:00
autogen.sh autogen.sh: Pass --force to autoreconf 2008-07-22 16:55:26 +03:00
configure.ac DRI2: Implement protocol for DRI2GetBuffersWithFormat 2009-06-11 22:46:00 -07:00
COPYING Revert "Update COPYING for SHA1 code" 2008-09-23 09:21:37 -07:00
cpprules.in For MANDEFS, also replace __mandir__ for $(mandir) which includes 2006-12-08 15:51:44 -06:00
Makefile.am Fix distcheck with dolt 2009-03-27 16:49:45 -04:00
xorg-server.m4 Add xorg-server.m4 for driver dependency checking. 2005-11-01 15:01:51 +00:00
xorg-server.pc.in Include pciaccess in the xorg-server.pc Requires line. 2008-04-15 14:51:51 -07:00