openbsd/xenocara
1
0
Fork 0
mirror of https://github.com/openbsd/xenocara.git synced 2025-12-08 10:19:00 +00:00
Code Issues Projects Releases Wiki Activity

Check for integer overflow on BigRequest length.

Browse Source 
Related to CVE-2025-49176.
This commit is contained in:
matthieu
2025-06-19 05:16:21 +00:00
parent 06b1f703db
commit 4607666e18
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
xserver/os/io.c
View File

@@ -395,6 +395,8 @@ ReadRequestFromClient(ClientPtr client)
needed = get_big_req_len(request, client);
}
client->req_len = needed;
if (needed > MAXINT >> 2)
return -(BadLength);
needed <<= 2;
}
if (gotnow < needed) {