[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] [Pixman] create_bits(): Cast the result of height * stride to size_t
From: Alan Coopersmith <alan.coopersmith () oracle ! com>
Date: 2016-02-24 18:26:40
Message-ID: 56CDF5E0.7080402 () oracle ! com
[Download RAW message or body]
On 02/24/16 04:10 AM, Gustavo Grieco wrote:
> Hi,
>
> There is an (old) integer overflow in create_bits in the pixman library.
> Patch and details are available here:
>
> https://web.archive.org/web/20141227044037/http://lists.freedesktop.org/archives/pixman/2014-April/003244.html
The quoted patch was applied to the master branch of the pixman git repo as:
https://cgit.freedesktop.org/pixman/commit/?id=857e40f3d2bc2cfb714913e0cd7e6184cf69aca3
and to the pixman-0.32 branch as:
https://cgit.freedesktop.org/pixman/commit/?id=50d7b5fa8ea2ae119f35c20ab0dd0413d5103cbb
It is included in pixman 0.32.6 and later releases.
--
-Alan Coopersmith- alan.coopersmith@oracle.com
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic