openEuler:20.03:LTS:SP3
File _service:tar_scm_kernel_repo:backport-CVE-2020-14347.patch of Package xorg-x11-server
From aac28e162e5108510065ad4c323affd6deffd816 Mon Sep 17 00:00:00 2001 From: Matthieu Herrb <matthieu@herrb.eu> Date: Sat, 25 Jul 2020 19:33:50 +0200 Subject: [PATCH] fix for ZDI-11426 Avoid leaking un-initalized memory to clients by zeroing the whole pixmap on initial allocation. This vulnerability was discovered by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative Signed-off-by: Matthieu Herrb <matthieu@herrb.eu> Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com> --- dix/pixmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dix/pixmap.c b/dix/pixmap.c index 1186d7dbbf..5a0146bbb6 100644 --- a/dix/pixmap.c +++ b/dix/pixmap.c @@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize) if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize) return NullPixmap; - pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize); + pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize); if (!pPixmap) return NullPixmap; -- GitLab
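Review bot: the replaced allocation line in AllocatePixmap (dix/pixmap.c, hunk at line 116) has no comment recording that the zeroing is a security requirement, so a later cleanup could turn `calloc(1, ...)` back into `malloc(...)` as a performance tweak and reintroduce the leak of uninitialized memory to clients. Add a one-line comment above the call saying the buffer must be zeroed because its contents can reach clients. The summed size is passed as a single element, so calloc's own count-times-size overflow check does no work here and the existing `totalPixmapSize > ((size_t) - 1) - pixDataSize` guard stays the only protection for the addition; keep the two together. The subject line names only ZDI-11426 while the patch file is named for CVE-2020-14347; mentioning the CVE id in the backport's message would make it easier to find in the log.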