SecBSD/xenocara
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix several input validation errors in libX11 and libXpm. CVE-2023-43785 CVE-2023-43786 CVE-2023-43787 CVE-2023-43788 CVE-2023-43789

Browse source
This commit is contained in:
purplerain 2023-10-04 03:57:45 +00:00
parent 21df3bcb54
commit e1ec829e63
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
11 changed files with 153 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

6
lib/libXpm/src/data.c
View file

@ -108,7 +108,7 @@ ParseComment(xpmData *data)
n++;
s2++;
} while (c == *s2 && *s2 != '\0' && c);
if (*s2 == '\0') {
if (*s2 == '\0' || c == '\0') {
/* this is the end of the comment */
notend = 0;
data->cptr--;
@ -259,13 +259,13 @@ xpmNextWord(
int c;
if (!data->type || data->type == XPMBUFFER) {
while (isspace(c = *data->cptr) && c != data->Eos)
while ((c = *data->cptr) && isspace(c) && (c != data->Eos))
data->cptr++;
do {
c = *data->cptr++;
*buf++ = c;
n++;
} while (!isspace(c) && c != data->Eos && n < buflen);
} while (c && !isspace(c) && (c != data->Eos) && (n < buflen));
n--;
data->cptr--;
} else {