|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [qemu-xen-traditional stable-4.5] CVE-2014-7815: vnc: sanitize bits_per_pixel from the client
commit f37beb104956d1095d34e6e523c3e6ea9cde9f94
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Sat Feb 21 19:21:11 2015 +0000
Commit: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
CommitDate: Tue May 10 19:04:49 2016 +0100
CVE-2014-7815: vnc: sanitize bits_per_pixel from the client
Backport of qemu-upstream:
* e6908bfe8e07f2b452e78e677da1b45b1c0f6829
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
vnc.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/vnc.c b/vnc.c
index 48e5c46..573af3b 100644
--- a/vnc.c
+++ b/vnc.c
@@ -1616,6 +1616,16 @@ static void set_pixel_format(VncState *vs,
return;
}
+ switch (bits_per_pixel) {
+ case 8:
+ case 16:
+ case 32:
+ break;
+ default:
+ vnc_client_error(vs);
+ return;
+ }
+
vs->clientds = vs->serverds;
vs->clientds.pf.rmax = red_max;
count_bits(vs->clientds.pf.rbits, red_max);
--
generated by git-patchbot for /home/xen/git/qemu-xen-traditional.git#stable-4.5
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |