http://bugs.freedesktop.org/show_bug.cgi?id=13358
--- Comment #26 from Guillaume Melquiond <[EMAIL PROTECTED]> 2008-07-17 00:42:39 PST ---

The following is a wild guess, since I haven't had time to compile and test a modified 1.4 server. It's only from a quick glance at the server code.

As I mentioned in the previous comment, the GLX stream from the server is corrupted. And looking at the code of DoGetVisualsConfigs in the server GL/glx/glxcmds.c, it doesn't seem surprising. The function allocates a huge buffer on the stack, then it fills it with a few integers from the visual data, and finally it sends the whole buffer to the client. The client will then happily parse the data, including the uninitialized bytes from the buffer.

In the server from master branch, the issue does not occur, since the server adds an end-of-stream token to the buffer after the visual data. Looking at the comment in the code, I'm not even sure this token was added on purpose. But at least, it prevents the client from failing its initialization.

The fact that the failure only happens on x86-64 is pure luck: The uninitialized data on the stack just happens to crash the clients there, but it could also happen on other platforms.

Note also that there is an obvious security issue (both in 1.4 and master): The server is leaking a big chunk of its stack private data to the client.
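
The buffer pattern described in the comment above, as an added example that is not part of the original message and is not the X server's code: a fixed-size reply is filled with a few words and sent whole, next to a variant that clears the buffer first. All names (`REPLY_WORDS`, `struct visual`, the `encode_*` functions) are hypothetical, the leftover stack contents are simulated with a constructed marker pattern so the run is deterministic, and zeroing is one common mitigation for the leak, assumed here rather than taken from the project.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REPLY_WORDS 64   /* hypothetical fixed reply size, in 32-bit words */

/* Hypothetical stand-in for one visual's properties. */
struct visual { uint32_t id, depth, rgba, double_buffer; };

/* Simulate an uninitialized stack buffer with a constructed marker. */
void fill_stale(uint32_t *buf) {
    for (size_t i = 0; i < REPLY_WORDS; i++) buf[i] = 0xDEAD0000u | (uint32_t)i;
}

/* Writes the visual's words at the front of buf; returns words written. */
static size_t put_visual(const struct visual *v, uint32_t *buf) {
    size_t p = 0;
    buf[p++] = v->id;
    buf[p++] = v->depth;
    buf[p++] = v->rgba;
    buf[p++] = v->double_buffer;
    return p;
}

/* Pattern from the comment: a few words are set, the rest is left as found,
   and all REPLY_WORDS words go to the client. */
size_t encode_leaky(const struct visual *v, uint32_t *buf) {
    return put_visual(v, buf);
}

/* Hardened variant: clear the whole reply before filling it. */
size_t encode_zeroed(const struct visual *v, uint32_t *buf) {
    memset(buf, 0, REPLY_WORDS * sizeof buf[0]);
    return put_visual(v, buf);
}

/* Count words past the written part that still carry leftover data. */
size_t leaked_words(const uint32_t *buf, size_t written) {
    size_t n = 0;
    for (size_t i = written; i < REPLY_WORDS; i++) n += (buf[i] != 0);
    return n;
}

int main(void) {
    uint32_t a[REPLY_WORDS], b[REPLY_WORDS];
    struct visual v = { 0x21, 24, 1, 1 };   /* constructed sample visual */
    fill_stale(a); fill_stale(b);
    printf("leaky:  %zu stale words sent\n", leaked_words(a, encode_leaky(&v, a)));
    printf("zeroed: %zu stale words sent\n", leaked_words(b, encode_zeroed(&v, b)));
    return 0;
}
```
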
