Same code as http://patchwork.freedesktop.org/patch/39718/ but different
comments. My r-b from
http://lists.x.org/archives/xorg-devel/2015-January/045096.html
applies to either set of comments.
-alan-
On 01/ 5/15 01:48 PM, Adam Jackson wrote:
The CVE fix in:
commit 97015a07b9e15d8ec5608b95d95ec0eb51202acb
Author: Alan Coopersmith <[email protected]>
Date: Wed Jan 22 22:37:15 2014 -0800
dix: integer overflow in RegionSizeof() [CVE-2014-8092 3/4]
offended the C++ demons:
../../include/regionstr.h:147:45: error: invalid conversion from 'void*' to
'pixman_region16_data_t* {aka pixman_region16_data*}' [-fpermissive]
Normally this isn't a problem, because around here we have the sense and
common decency to not use C++, but this does make tigervnc fail to build,
which is a little rude of us.
Signed-off-by: Adam Jackson <[email protected]>
---
include/regionstr.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/regionstr.h b/include/regionstr.h
index 079375d..1032358 100644
--- a/include/regionstr.h
+++ b/include/regionstr.h
@@ -144,7 +144,7 @@ RegionInit(RegionPtr _pReg, BoxPtr _rect, int _size)
size_t rgnSize;
(_pReg)->extents = RegionEmptyBox;
if (((_size) > 1) && ((rgnSize = RegionSizeof(_size)) > 0) &&
- (((_pReg)->data = malloc(rgnSize)) != NULL)) {
+ (((_pReg)->data = (RegDataPtr) malloc(rgnSize)) != NULL)) {
(_pReg)->data->size = (_size);
(_pReg)->data->numRects = 0;
}
--
-Alan Coopersmith- [email protected]
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
