[Spice-devel] [PATCH spice-server 05/16] test-display-base: Avoid global buffer overflow

Frediano Ziglio fziglio at redhat.com
Wed Sep 6 16:01:55 UTC 2017


> 
> On Wed, Sep 06, 2017 at 11:54:38AM -0400, Frediano Ziglio wrote:
> > > 
> > > On Mon, Sep 04, 2017 at 11:57:13AM +0100, Frediano Ziglio wrote:
> > > > For some reasons (documented in cursor_init) the function
> > > > uses 128 bytes more of data causing a reading buffer overflow.
> > > 
> > > 128 extra bytes of data ?
> > > 
> > > Acked-by: Christophe Fergeau <cfergeau at redhat.com>
> > > 
> > 
> > There's this comment/code some lines below
> > 
> >     // X drivers addes it to the cursor size because it could be
> >     // cursor data information or another cursor related stuffs.
> >     // Otherwise, the code will break in client/cursor.cpp side,
> >     // that expect the data_size plus cursor information.
> >     // Blame cursor protocol for this. :-)
> >     cursor.cursor.data_size += 128;
> > 
> > No idea what they are talking about...
> 
> I saw the comment, I was just suggesting changing "128 bytes more of
> data" to "128 extra bytes of data" in the commit log.
> 
> Christophe
> 

Done

Frediano
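
An added example, not part of the original thread or of spice-server: it shows why a data_size that has been bumped by 128 reads past a global buffer sized only for the pixel data, and how a capacity check or padded storage avoids that. Everything except the 128-byte increment (struct, function names, the 32x32 RGBA cursor) is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* All names and sizes here are hypothetical except the 128-byte increment. */
#define PIXEL_BYTES  (32 * 32 * 4)   /* constructed 32x32 RGBA cursor */
#define CURSOR_EXTRA 128             /* the "data_size += 128" in the thread */

static uint8_t pixels_only[PIXEL_BYTES];                  /* too small for data_size */
static uint8_t pixels_padded[PIXEL_BYTES + CURSOR_EXTRA]; /* covers data_size */

struct cursor_blob {
    const uint8_t *data;
    size_t capacity;     /* bytes really present behind data */
    uint32_t data_size;  /* bytes the consumer will be told to read */
};

static void cursor_blob_init(struct cursor_blob *c, const uint8_t *buf, size_t cap)
{
    c->data = buf;
    c->capacity = cap;
    c->data_size = PIXEL_BYTES;
    c->data_size += CURSOR_EXTRA;  /* advertised size now exceeds the pixel data */
}

/* Copy the advertised bytes; return -1 instead of reading past the storage. */
static long cursor_blob_copy(const struct cursor_blob *c, uint8_t *out, size_t out_len)
{
    if (c->data_size > c->capacity || c->data_size > out_len)
        return -1;
    memcpy(out, c->data, c->data_size);
    return (long)c->data_size;
}

long copy_from(const uint8_t *storage, size_t capacity)
{
    static uint8_t wire[PIXEL_BYTES + CURSOR_EXTRA];
    struct cursor_blob c;
    cursor_blob_init(&c, storage, capacity);
    return cursor_blob_copy(&c, wire, sizeof wire);
}

long copy_unpadded(void) { return copy_from(pixels_only, sizeof pixels_only); }
long copy_padded(void)   { return copy_from(pixels_padded, sizeof pixels_padded); }

int main(void)
{
    printf("unpadded: %ld\n", copy_unpadded());  /* rejected by the check */
    printf("padded:   %ld\n", copy_padded());    /* full advertised size copied */
    return 0;
}
```

Without the capacity check, the unpadded case is the kind of global-buffer over-read that AddressSanitizer (-fsanitize=address) reports.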

