[Wayland-bugs] [Bug 69267] Putting a lot of data into wl_buffer can lead to SIGSEGV
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Mon Apr 21 14:51:09 PDT 2014
https://bugs.freedesktop.org/show_bug.cgi?id=69267
Kristian Høgsberg <krh at bitplanet.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #1 from Kristian Høgsberg <krh at bitplanet.net> ---
commit bc609053188cb89bdcd4dbcf6de0eab2217d3274
Author: Ander Conselvan de Oliveira <ander.conselvan.de.oliveira at intel.com>
Date: Thu Apr 17 18:20:37 2014 +0300
connection: Don't write past the end of the connection buffer
If a message was too big to fit in the connection buffer, the code
in wl_buffer_put would just write past the end of it.
I haven't seen any real world use case that would trigger this bug, but
it was possible to trigger it by sending a long enough string to the
wl_data_source.offer request.
https://bugs.freedesktop.org/show_bug.cgi?id=69267
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/wayland-bugs/attachments/20140421/5a72fa55/attachment.html>
More information about the Wayland-bugs
mailing list