[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [qemu-xen-traditional stable-4.4] CVE-2014-7815: vnc: sanitize bits_per_pixel from the client
commit bbb7bc5e324c4604c66253e06228b0bcaa34d2eb Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> AuthorDate: Sat Feb 21 19:21:11 2015 +0000 Commit: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> CommitDate: Tue May 10 19:09:47 2016 +0100 CVE-2014-7815: vnc: sanitize bits_per_pixel from the client Backport of qemu-upstream: * e6908bfe8e07f2b452e78e677da1b45b1c0f6829 Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- vnc.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/vnc.c b/vnc.c index 48e5c46..573af3b 100644 --- a/vnc.c +++ b/vnc.c @@ -1616,6 +1616,16 @@ static void set_pixel_format(VncState *vs, return; } + switch (bits_per_pixel) { + case 8: + case 16: + case 32: + break; + default: + vnc_client_error(vs); + return; + } + vs->clientds = vs->serverds; vs->clientds.pf.rmax = red_max; count_bits(vs->clientds.pf.rbits, red_max); -- generated by git-patchbot for /home/xen/git/qemu-xen-traditional.git#stable-4.4 _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx http://lists.xensource.com/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |