[PATCH 1/2] Allocate enough room for both reset & flags attributes
Adam Jackson
ajax at nwnk.net
Fri Oct 17 07:00:08 PDT 2014
On Thu, 2014-10-09 at 05:42 -0700, Alan Coopersmith wrote:
> ctx_attribs had room for 3 pairs of attributes, but if both flags & reset
> attributes were being returned it was storing 4 pairs in the array.
>
> Found by Coverity #53442: Out-of-bounds write
> This could cause an immediate crash or incorrect computations.
> In create_driver_context: Out-of-bounds write to a buffer (CWE-119)
>
> Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>
Reviewed-by: Adam Jackson <ajax at redhat.com>
- ajax
More information about the xorg-devel
mailing list